Malware attack on MacOS conceals payload inside ad’s image files

Security researchers in an elaborate analysis depict one fresh mode of malware assault against macOS wherein they have uncovered rogue online advertising which utilized steganography for camouflaging the malicious payload inside image files of the advertisement effectively fooling security defenses.

Confiant a cyber-security company in its current weekly report tells people using Apple's services are still certain much preferred targets of malicious advertising outbreaks. According to it, one fresh malvertising band known as VeryMal, which recently targeted Apple users, while in its most recent attack utilized steganography techniques for concealing malware within ad images for bypassing identification. Users seeing the ad found one known trick in the attack exhibiting notices about Adobe Flash Player requiring updating, while giving advise to end-users for viewing a file so it got downloaded inside their Web-browsers. People allowing the download as well as unwittingly executing the malware eventually got their Mac systems contaminated with a Trojan horse known as Shlayer.

Confiant's Eliya Stein writes that as detecting malvertising keeps on maturing, advanced cyber-criminals are realizing that ordinary techniques to obfuscate malware won't any more get their purpose achieved. Observing that ordinary obfuscations of JavaSript lead to one very special kind of nonsense which can be easily detected, Stein adds that the steganography sort of methodologies help in smuggling payloads devoid of depending upon heavy lookup tables else hex encoded scripts. Appleinsider.com posted this dated January 24, 2019.

Since August 2018, Confiant has been watching VeryMal along with its attack outbreaks that normally occur for brief periods over some days. Overall, the band seemingly has hijacked more than 5m web sessions on genuine websites; nevertheless, it's not known what number of the end-users loaded the malicious applications.

Alongside being a hazard to online users, malware is in particular affecting macOS users, with apparently increasing attempts at circumventing its security defenses. The malware is getting used not just in ad-based assaults, as during September, a few Mac apps were carrying out harmful actions namely getting end-users divulge their data. An extremely common tactic which malware purveyors are employing now-a-days for concealing malware inside images is Steganography.

» SPAMfighter News - 1/31/2019