Exploit This

Security News, Exploits, and Vulnerabilities.

Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware

While investigating a cryptocurrency exchange attacked by Lazarus, we made an unexpected discovery. The victim had been infected with the help of a trojanized cryptocurrency trading application, which had been recommended to the company over email.

Calisto Trojan for macOS

As researchers we interesting in developmental prototypes of malware that have had limited distribution or not even occurred in the wild. We recently came across one such sample: a macOS backdoor that we named Calisto.

The Missing Piece – Sophisticated OS X Backdoor Discovered

Back in January this year we found a new family of cross-platform backdoors for desktop environments. After the discovery of the binaries for Linux and Windows systems, we have now finally come across the OS X version of Mokes.A.

Darwin Nuke

In December 2014 we discovered a very interesting vulnerability in the Darwin kernel. Using it attackers can send just one incorrect network packet to the victim and the victim’s system (OS X 10.10 or iOS 8) will crash.

Financial cyber threats in 2014: things changed

In 2013 we registered a sudden surge in the number of attacks targeting users’ financial information and money. In 2014, the situation changed considerably: the number of attacks and attacked users significantly decreased, as did the amount of financial phishing.

%d bloggers like this: