Apple warns of “privacy and security threats” after EU requires it to allow sideloading

Despite several warnings about the risks, Apple will allow European iPhone owners to install apps obtained from outside the official App Store (sideloading). These drastic changes are brought about to comply with the European Union’s (EU) Digital Markets Act (DMA). Read More …

New macOS backdoor stealing cryptowallets

A month ago, Kaspersky researchers discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. Read More …

A lightweight method to detect potential iOS malware

In 2021 and 2022, Kaspersky researchers had the privilege of working on a few Pegasus malware infections on several iPhone devices. The iPhones were initially given to them by their partners for general security checks before the researchers discovered the Read More …

Atomic Stealer rings in the new year with updated version

Last year, Malwarebytes Labs researchers documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users. This stealer has proven to be quite popular in the criminal underground and its developers have been adding Read More …

Operation Triangulation: The last (hardware) mystery

Today, on December 27, 2023, Boris Larin, Leonid Bezvershenko, and Georgy Kucherin delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at the 37th Chaos Communication Congress (37C3), held at Congress Center Hamburg. The presentation Read More …

BlueNoroff: new Trojan attacking macOS users

Kaspersky researchers recently discovered a new variety of malicious loader that targets macOS, presumably linked to the BlueNoroff APT gang and its ongoing campaign known as RustBucket. The threat actor is known to attack financial organizations, particularly companies, whose activity Read More …

Apple developers targeted by new malware, EggShell backdoor

Malicious Xcode projects are being used to hijack developer systems and spread custom EggShell backdoors. The malware, dubbed XcodeSpy, targets Xcode, an integrated development environment (IDE) used in macOS for developing Apple software and applications. According to research published by Read More …