Largely undetected Mac malware suggests disgraced HackingTeam has returned

6 replies to this topic

#1 UmarOMC1

UmarOMC1

    Legendary

  • Members
  • 1438 posts
  • Location:NYC

Posted 01 March 2016 - 03:04 AM

Largely undetected Mac malware suggests disgraced HackingTeam has returned

Until recently, sample wasn't detected by any of the top antivirus programs.
by Dan Goodin - Feb 29, 2016 1:38pm EST

Researchers have uncovered what appears to be newly developed Mac malware from HackingTeam, a discovery that's prompting speculation that the disgraced malware-as-a-service provider has reemerged since last July's hack that spilled gigabytes worth of the group's private e-mail and source code.

[ continued ]
macOS 10.13.x/Windows 7 Pro/2009 MacPro 4,1 Xeon W3580 3.33GHz/16GB RAM/EVGA GTX1070 8GB

#2 Frost

Frost

    Secretary of Offense

  • Forum Moderators
  • 6094 posts
  • Steam ID:CaptFrost
  • Location:Republic of Texas
  • Pro Member:Yes

Posted 02 March 2016 - 10:12 PM

<immediately checks the specified directories in a panic>

Ha. Nothing!

Gentlemen, you will always remember this as the day you almost infected... Captain Frost.

Kestrel (Falcon NW Tiki) – 4.0 GHz i7 4790K / 16GB RAM / 512GB Samsung 950 Pro M.2, 2x480GB Intel 730 (RAID0), 10TB STX BarraCuda Pro / GeForce GTX TITAN X 12GB
Iridium (MacBook Pro Mid-2012) – 2.7 GHz i7 3820QM / 16GB RAM / 2TB Samsung 850 Pro / GeForce GT 650M 1GB

Eric5h5:
When there's a multiplayer version, I'm going to be on Frost's team. Well, except he doesn't seem to actually need a team...I mean, what's the point? "Hey look, it's Frost and His Merry Gang of Useless Hangers-On!" Or something.

#3 DirtyHarry50

DirtyHarry50

    Special Snowflake

  • Members
  • 1575 posts
  • Steam Name:DirtyHarry
  • Steam ID:dirtyharry2
  • Location:North Carolina, USA

Posted 06 March 2016 - 02:18 AM

I imagine XProtect will be updated to address this.
“The time you enjoy wasting is not wasted time.” — Bertrand Russell

#4 the Battle Cat

the Battle Cat

    Carnage Served Raw

  • Admin
  • 17430 posts
  • Location:Citadel City, Lh'owon
  • Pro Member:Yes

Posted 06 March 2016 - 03:22 PM

Intego sent me an email the day after this post saying that they were on top of it, gave instructions on how to find it yourself, and that they will update their definitions shortly.
Gary Simmons
the Battle Cat

#5 macdude22

macdude22

    Like, totally awesome.

  • Forum Moderators
  • 2045 posts
  • Steam Name:Rakden
  • Location:Iowa
  • Pro Member:Yes

Posted 06 March 2016 - 06:25 PM

Good luck infecting my Centris with anything hacker team.
IMG Discord Server | http://raptr.com/rakden | http://www.trueachie....com/Rakden.htm
Enterprise (MacPro 3,1): 8 Xeon Cores @ 2.8 GHz || 14 GB RAM || Radeon 4870 || 480GB Crucial M500 + 2TB WD Black (Fusion Drive) || 144hz Asus Mon
Defiant (MacBookPro 9,1): Core i7 @ 2.3ghz || 8GB RAM || nVidia GT 650M 512MB || 512GB Toshiba SSD

#6 DirtyHarry50

DirtyHarry50

    Special Snowflake

  • Members
  • 1575 posts
  • Steam Name:DirtyHarry
  • Steam ID:dirtyharry2
  • Location:North Carolina, USA

Posted 06 March 2016 - 10:26 PM

I should run Linux in a virtual machine just for web browsing and become invincible against all threats!

I think.

I couldn't be bothered though. There is nothing here worth stealing unless they want my various writings that so far only my mom could and does love. I do normally transmit these precious writings in encrypted form lest they fall into the wrong hands. I also keep them in an encrypted disk image with a password I struggle with myself sometimes.

They will never be able to brute force "stupid" anyway.

Oops.
“The time you enjoy wasting is not wasted time.” — Bertrand Russell

#7 nuzderot

nuzderot

    Newbie

  • Members
  • 1 posts

Posted 15 June 2017 - 12:34 AM

It seems that almost every piece of malware on OS X tries to look like a useful tool, which is often free of charge. This rule was confirmed by a recent threat that offers to get rid of malware: http://macsecurity.net/view/148/