[MacTUG] Crypominer distributed via MacUpdate, other download sites
Mike Patterson
mpatterson at uwaterloo.ca
Tue Feb 6 08:26:32 EST 2018
Pretty much what the subject says:
"""
Mac crypto miner distributed via MacUpdate, other software download sites
https://www.helpnetsecurity.com/2018/02/05/mac-crypto-miner-macupdate/
Hackers were able to trick an editor into posting their links to the MacUpdate site from February 1 to February 2, 2018. The links appeared to be for Firefox, OnyX, and Deeper but were actually a cryptominer.
Reports on Twitter indicate the same links also appeared on other download sites (Softpedia, and mac.majorgeeks).
Additional details are available in this blog post:
New Mac cryptominer distributed via a MacUpdate hack
https://blog.malwarebytes.com/threat-analysis/2018/02/new-mac-cryptominer-distributed-via-a-macupdate-hack/
"""
--
Mike Patterson - Manager, Information Security Operations
Information Security Services, University of Waterloo
+1 519-888-4567, x47178 / mike.patterson at uwaterloo.ca
Security Operations Centre x41125 / soc at uwaterloo.ca
More information about the MacTUG
mailing list