New Mac cryptominer distributed via a MacUpdate hack | Malwarebytes Labs
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Launch Agent - T1543.001 Launchctl - T1569.001 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Software - T1592.002 Tool - T1588.002 Launch Agent - T1159 Launchctl - T1152 |
Common Information
Type | Value |
---|---|
UUID | 2ea79476-eb5e-4c38-a2be-86a4416693c8 |
Fingerprint | 8c24195dbdff231d |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Feb. 2, 2018, midnight |
Added to db | Sept. 26, 2022, 9:30 a.m. |
Last updated | Dec. 23, 2024, 7:22 a.m. |
Headline | New Mac cryptominer distributed via a MacUpdate hack |
Title | New Mac cryptominer distributed via a MacUpdate hack | Malwarebytes Labs |
Detected Hints/Tags/Attributes | 35/2/18 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | titanium-software.fr |
|
Details | Domain | 1 | titaniumsoftware.org |
|
Details | Domain | 3 | download-installer.cdn-mozilla.net |
|
Details | Domain | 3 | cdn-mozilla.net |
|
Details | Domain | 5 | mozilla.net |
|
Details | Domain | 4 | public.adobecc.com |
|
Details | Domain | 1 | deeper.app |
|
Details | Domain | 3 | mdworker.zip |
|
Details | Domain | 116 | www.apple.com |
|
Details | Domain | 89 | protonmail.ch |
|
Details | Domain | 10 | minergate.com |
|
Details | 3 | walker18@protonmail.ch |
||
Details | File | 3 | mdworker.zip |
|
Details | File | 3 | macosupdate.pl |
|
Details | File | 3 | macos.pl |
|
Details | Url | 1 | https://public.adobecc.com/files/1u14rsv3mvahbmegvs4lz42afnyeff? |
|
Details | Url | 74 | http://www.apple.com/dtds/propertylist-1.0.dtd |
|
Details | Url | 3 | https://public.adobecc.com/files/1ujet2wd0vpd5sd0crlx0eh2uieeff? |