Bleeping Computer reports that 29,139 Mac devices across the world, including the US, Canada and Germany, have been infected with a new macOS malware known as Silver Sparrow.
According to Red Canary researchers, the new malware has been distributed as files named 'update.pkg' [VirusTotal] or 'updater.pkg' [VirusTotal], with the update.pkg including both an Apple M1 and an Intel x86_64 binary, while the updater.pkg only has the executable Intel file.
Red Canary could not determine the malware's real purpose: "[we] have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution," the Red Canary report stated.
Malwarebytes' Thomas Reed said they have no idea how Silver Sparrow is installed. "We don’t know how users would have initially found that installer. In fact, I’m a bit skeptical that it may even still be in distribution, in this form, at least," he added.
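The one concrete technical detail above is that update.pkg shipped a universal (Apple M1 plus Intel x86_64) binary while updater.pkg shipped an Intel-only one. The following is an added triage check, not code from Red Canary, Malwarebytes or the article: it reads the Mach-O fat header (or a thin 64-bit header) of a payload binary pulled out of a .pkg and reports which architectures it carries. The sample blobs are constructed in-line and are not taken from the malware.

```python
import struct

FAT_MAGIC = 0xCAFEBABE      # universal ("fat") header, always big-endian
MH_MAGIC_64 = 0xFEEDFACF    # thin 64-bit Mach-O header, little-endian on x86_64 and arm64
CPU_TYPE_X86_64 = 0x01000007
CPU_TYPE_ARM64 = 0x0100000C
CPU_NAMES = {CPU_TYPE_X86_64: "x86_64", CPU_TYPE_ARM64: "arm64"}

def mach_o_architectures(data: bytes) -> list:
    """Return the CPU architecture names contained in a thin or fat Mach-O blob."""
    if len(data) < 32:
        raise ValueError("too short to be a Mach-O file")
    if struct.unpack(">I", data[:4])[0] == FAT_MAGIC:
        nfat = struct.unpack(">I", data[4:8])[0]
        archs = []
        for i in range(nfat):
            off = 8 + i * 20          # struct fat_arch is five big-endian uint32 fields
            cputype, _subtype, offset, size, _align = struct.unpack(">IIIII", data[off:off + 20])
            # Java class files share the CAFEBABE magic; reject tables that point outside the blob.
            if offset + size > len(data):
                raise ValueError("fat_arch entry points outside the file")
            archs.append(CPU_NAMES.get(cputype, f"cputype_0x{cputype:08x}"))
        return archs
    if struct.unpack("<I", data[:4])[0] == MH_MAGIC_64:
        cputype = struct.unpack("<I", data[4:8])[0]   # mach_header_64.cputype
        return [CPU_NAMES.get(cputype, f"cputype_0x{cputype:08x}")]
    raise ValueError("not a 64-bit Mach-O or fat binary")

def is_universal(data: bytes) -> bool:
    """True when the blob carries more than one architecture (e.g. arm64 + x86_64)."""
    return len(set(mach_o_architectures(data))) > 1

# --- constructed sample blobs for testing the parser (not taken from the malware) ---
def build_thin_sample(cputype: int) -> bytes:
    """Minimal mach_header_64: magic, cputype, cpusubtype, filetype (MH_EXECUTE), ncmds, sizeofcmds, flags, reserved."""
    return struct.pack("<IIIIIIII", MH_MAGIC_64, cputype, 3, 2, 0, 0, 0, 0)

def build_fat_sample(cputypes) -> bytes:
    """Fat header followed by one fat_arch entry and one thin stub per architecture."""
    stubs = [build_thin_sample(ct) for ct in cputypes]
    blob = struct.pack(">II", FAT_MAGIC, len(cputypes))
    offset = 8 + 20 * len(cputypes)
    for ct, stub in zip(cputypes, stubs):
        blob += struct.pack(">IIIII", ct, 3, offset, len(stub), 0)
        offset += len(stub)
    return blob + b"".join(stubs)
```

Run `mach_o_architectures(open(path, "rb").read())` on a binary extracted from a suspicious package; a result listing both `arm64` and `x86_64` matches the update.pkg pattern, a lone `x86_64` matches updater.pkg.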
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She has 20 years of experience editing and reporting on technology, business and policy.
Fraudulent crypto token trades have allegedly been conducted by the indicted firms and individuals to lure more investors, according to the Justice Department, which noted the sequestration of over $25 million worth of cryptocurrency and several wash trading bots as part of the operation.
After injecting PowerShell commands into a vulnerable web server, OilRig proceeds to leverage CVE-2024-30088 to facilitate password filter DLL registration for plaintext credential capturing, 'ngrok' utility installation for covert communications, and the targeting of Microsoft Exchange servers with the novel 'StealHook' backdoor.
Organizations have been warned by the Cybersecurity and Infrastructure Security Agency about ongoing attacks exploiting unencrypted F5 BIG-IP Local Traffic Manager module-managed persistence cookies to discover other devices within the targeted network.