Threat Category: Unix and macOS malware | Page 10

Providing randomly generated input to different open source disassembler libraries generates surprisingly differing output and the CPU interprets it differently yet again.

On 28th August, the latest update for MaxOS X was released – Snow Leopard. It differs in one very telling way from previous versions – for the first time in Apple’s long history, the company’s implemented an antivirus scanner.

Windows may be ubiquitous, but there’s a thriving variety of alternative operating systems for enterprise and home use. However, the alternatives aren’t as risk free as some people might think

It’s often argued that *nix systems are secure, and there aren’t any viruses or malware for such systems. This hasn’t been true for a long time, as two recently detected malicious programs prove.

Well, we congratulated Mac on its 25th birthday – and then found some new rogueware. We’ve got two pieces of malware and detect them both as not-a-virus:FraudTool.OSX.iMunizator.

Traditionally, malware writers have overlooked Mac in favor of targeting Windows with its bigger market share. But the proof-of-concept samples which appear periodically show that Macs aren’t invincible.

This article is the third in a series devoted to the evolution of viruses and anti-virus solutions

The Race to Zero is not a questionable affair – no questions about it…it is unethical.

It is more than 20 years since the first PC virus appeared. Since then, the nature of threats has changed significantly

Talk about non-Windows malware and most people automatically think of Linux, MaxOS X etc. But this very modern attitude overlooks a couple of interesting stages in the history of computer virology.

This article aims to help readers better understand the features of Mac OS X which are critical when researching malicious programs designed for this operating system.

This report examines the evolution of malicious code for Unix-type systems, including malware targeting Linux and OS X.

This latest half-yearly report covers the most significant changes in malicious code evolution over the last six months and included a number of predictions as to how the situation may develop based on the statistics we have today.

This section of the half-yearly report will discuss malicious programs and the vulnerabilities in Unix-type operating systems.

A service or a risk?

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Unix and macOS malware

Different x86 Bytecode Interpretations

One Leopard, two Trojans

Malware beyond Vista and XP

The myth of *nix security

More rogueware for Mac

Happy birthday, Mac!

Rootkit evolution

Drawing the line

Changing threats, changing solutions: A history of viruses and antivirus

The C64 hits 25

Mac OS X

Kaspersky Security Bulletin 2006: Malware for Unix-type systems

Kaspersky Security Bulletin, January – June 2006: Malware Evolution

Kaspersky Security Bulletin, January – June 2006: Malware for non Win32 platforms

Development kits for gaming consoles

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails