OSX/Dummy spreads via a rudimentary social engineering attack. When unsuspecting victims run the command, their Mac may become infected with the new malware, OSX/Dummy. This methodology of infection through social engineering, although very rudimentary in nature, is arguably slightly clever in that it circumvents Apple's Gatekeeper protection.

Gatekeeper is supposed to block execution of known-malicious and unsigned code obtained from the Internet. While Gatekeeper might block malware from certain sources, it is not designed to block code downloaded via the Terminal.

Patrick Wardle shows that OSX/Dummy stores passwords in plain text. When the user types his or her password into the Terminal, the malware logs it in plain text to a new file, located at /tmp/dumpdummy.