We recently talked about OSX / Linker, a new threat to Macs discovered by folks at Intego. Now, the same researchers from the antivirus software maker are warning users about yet another malware (from the same family) that is roaming the internet called OSX / CrescentCore.
Like most threats of its kind, OSX / CrescentCore comes to your Mac disguised as a Flash installer or updater. Here, even, we have some gimmicks to make it even more stealthy: malware checks if the system on which it is to be installed is running on a virtual machine (like Parallels solutions) and if there is any anti-virus software running on the Mac in question; In either case, the installation will not go ahead making it difficult for the protection solutions to detect it.
If the installation continues, malware installs an agent on your machine, even if it is signed by a valid Apple Developer ID and may allow other malicious agents to invade your computer to capture your data and use your Mac as a cryptocurrency miner or display of advertisements.
Intego has discovered versions of OSX / CrescentCore being distributed on a number of websites around the world, most of them piracy, as one that distributes free copies of comic book editions. The company notes that its antivirus solutions are capable of detecting and exterminating the malware threat; Even if you do not run antivirus on your Mac, however, you can be safe by simply avoiding untrustworthy sites and perhaps not installing Flash (not even the legitimate one, after all it is useless).
At the end of last year, we talked about how virtual threats to macOS had grown by almost 60% in a quarter. Well guess what: they keep proliferating. According to WatchGuard Technologies, a digital security company, Mac malware circulation rose in the first quarter of 2019 from the last period of 2018. In the general computing world, malware detection has grown 62%.
According to the survey, malicious agents are taking on a variety of ways to attack users of Macs and PCs. The most frequent detections recorded by the company were from a threat that presents itself as a Microsoft Office document, known as CVE-2017-11882. .Gen: It represented 17.03% of threat occurrences circulating on the Internet. We also have a large number of Trojans and techniques of phishing among the most frequent threats.
For the first time in Top 10 of malware most detected by the company's antivirus software, two only for Mac:
The company claims that these findings demystify the common sense that Macs are immune to threats, and reinforce the need for protective solutions for these machines. The phrase, of course, is built to sell antivirus, but you don't necessarily have to spend money on such software: as usual, our primary recommendation is that you have good judgment with your browsing patterns, without visiting suspicious websites or clicking on files that have not come from very reliable sources.
With these simple measures combined with macOS 'own protection tools, you can breathe easily at virtually all times.
via Apple World Today