Hackers using MacOS malware are targeting cryptocurrency investors who use the Slack and Discord chat platforms. The malware, dubbed OSX.Dummy, uses an unsophisticated infection method, but those who are successfully attacked open their systems up to remote arbitrary code execution.
“If the connection to the attacker’s C&C server succeeds, the attacker will be able to arbitrarily execute commands (as root!) on the infected system,” wrote Patrick Wardle, chief research officer at Digita Security, in a blog post Friday.
The malware was first spotted and described by researcher Remco Verhoef, who posted his findings early Friday to the SANS InfoSec Handlers Diary Blog. The researcher said he observed multiple attacks last week.
[...]
MacOS Malware Targets Crypto Community on Slack, Discord