Mac-Based MetaStealer
by Artie Kaye
This info-stealing malware is spread through social engineering. Attackers will pose as clients and send Trojan horse files—such as an installer that has the icon of a PDF—in hopes that the user will open it. As of this writing, the Apple anti-malware software does not detect this. While the program will run natively on only Intel processor machines, it can gain a foothold when used in conjunction with Rosetta. The main target of this campaign are businesses, and has the intent to steal passwords and important data on the infected devices.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)
Microsoft Teams Phishing
by Artie Kaye
A campaign is using compromised Office accounts to proliferate a malware install file. The guise of a vacation schedule update has been reported as a common tactic. Microsoft has addressed some of these concerns on the software end, changing how outside users in a group are seen, and shutting down accounts known to have been involved in the spread.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)