Threat Category: Unix and macOS malware | Page 11

This section of the half-yearly report will discuss malicious programs and the vulnerabilities in Unix-type operating systems.

A service or a risk?

Kaspersky Lab presents an overview of vulnerabilities in MacOS X over the part year

I came across something interesting today: a macro virus which we’ve named Virus.StarOffice.Stardust.a

The illusion of invulnerability

This report covers 2005, and provides an overview of the evolution of malware targeting platforms other than Windows.

This latest report continues Kaspersky Lab’s series of quarterly reports on malware and cyber threat evolution.

We’ve received a new sample: another cross platform virus which will infect both Linux and Win32 systems. It’s therefore been given a double name: Virus.Linux.Bi.a/ Virus.Win32.Bi.a

Earlier today there have been a couple of reports about a MacOSX trojan on the MacRumors forum. We’ve been able to obtain a sample and take a look.

This morning a new worm for Linux appeared on the Internet. This is the second worm in the last couple of months.

We are receiving an increasing number of infection reports by Linux.Lupper, a Linux worm which spreads using a vulnerability in ‘xmlrpc.php’, a popular script found on various Linux distributions.

Viruses: not a Linux problem?

During the past few months Kaspersky Lab analysts have observed a surge in the number of rootkits detected. What has caused this growth and what risks do rootkits pose to users?

A professional malware market started to emerge at the very end of 2003, gained ground during 2004, and was well established by the beginning of 2005.

About Sun Microsystems’ initiative to give away Solaris 10 free and a link to Sadmind, the only known Solaris worm.

Reports

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Unix and macOS malware

Kaspersky Security Bulletin, January – June 2006: Malware for non Win32 platforms

Development kits for gaming consoles

Malware Evolution: MacOS X Vulnerabilities 2005 – 2006

Stardust – a macro curiosity

The illusion of invulnerability

2005: *nix Malware Evolution

Malware Evolution: January – March 2006

Crossplatform virus – the latest proof of concept

“Leap” of Faith

New worm for Linux

Linux.Lupper reports

Viruses: not a Linux problem?

Rootkits and how to combat them

Watershed in malicious code evolution

OS wars and Solaris

Reports

Mysterious Elephant: a growing threat

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

Subscribe to our weekly e-mails