Proton Malware Uses Real Apple Code-Signing Signatures

By   ISBuzz Team
Writer , Information Security Buzz | Mar 07, 2017 05:15 pm PST

Researchers have spotted a piece of malware that has somehow gotten hold of genuine Apple code-signing signature. Tim Helming, Director, Product Management at DomainTools commented below.

Tim Helming, Director, Product Management at DomainTools:

Tim-Helming“This latest Mac malware shows that OSX, like all other targeted operating systems, is vulnerable to several types of attacks. One particularly nasty malware used by a group called APT 28 exfiltrates iPhone backups stored on a compromised Mac. While many people think that only targeted attacks use Macintosh malware, that’s not true. Macintosh has been recently targeted in a multitude of different ways, including adware, spyware, and other low-level styles of attacks.

The price dropping is common among underground sites and forums. Typically, just like negotiating the price for a car, adversaries will negotiate the price lower than what’s being asked, or the malware authors themselves will lower the price. If the sale price (100 BTC) doesn’t get interest, the malware authors will continually lower price points until it starts garnering interest from prospective buyers.”

Recent Posts