Cracked software beats gold: new macOS backdoor stealing cryptowallets

A month ago, we discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. We recently caught sight of a new...

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to...

New macOS Trojan-Proxy piggybacking on cracked software

Illegally distributed software historically has served as a way to sneak malware onto victims devices. Oftentimes, users are not willing to pay for software tools they need, so they go searching the Web for a "free lunch". They are an excellent target for cybercriminals who realize that an...

Trojan-Proxy.Win32.Raznew.gen Unauthenticated Open Proxy

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/55ce4b6c2ec10838c54dca54d96801d6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Raznew.gen Vulnerability: Unauthenticated Open Proxy Description: The malware...

Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonl...