
OSX/Pirrit is an invasive piece of OSX adware that is derived from the Windows version of the adware. These updates are included in the latest AlienVault Threat Intelligence update available now:

The Labs team recently updated the USM platform’s ability to detect this new threat on your network by adding an IDS signature to detect the malicious traffic and a correlation directive to link events from across your network that indicate that Pirrit has compromised one or more Macs. The AlienVault Labs threat research team saves you a tremendous amount of time and effort: it continues to research and update the ability of the USM platform to detect new types of malware like OSX.Pirrit, as well as new variations on existing malware.

OSX-Pirrit is an invasive application that targets Macs, one of a small but growing number of Mac threats. It is more malicious than the Windows version of Pirrit because it hijacks your web traffic by routing all of it through its proxy, thereby exposing your sensitive or regulated information to exfiltration (as well as giving the attacker the ability to install other software on your system). It appears to get on the system simply by users installing it, believing they are downloading an update to popular apps like Flash.

Once installed, OSX-Pirrit does two things:

- It intercepts web traffic via a proxy and injects ads into that traffic.
- It launches a daemon (which allows it to control apps and services), which enables it to maintain persistence.

Adware like OSX-Pirrit is difficult to prevent and remove. Preventive technologies like antimalware or sandboxing can help block the downloading and installation of the malware, but preventive tools never detect all versions of malware. And, since at least one version of the malware includes a signed Apple certificate, it appears benign to Mac OSX once installed.

AlienVault USM gives you the ability to detect the presence of new variants of malware like OSX-Pirrit that have evaded those preventive technologies and reside on your systems.

Adware has been around since time began (or so it seems), and many users accept it as a necessary evil to get access to free apps, games, and utilities. Malicious activity in adware can range from applications that monitor your users’ behavior and collect marketing-related information unbeknownst to you (also known as spyware) to applications that install malicious apps and harvest confidential or regulated data.

“Adware” is a portmanteau (one of my favorite words) of ‘advertising’ and ‘software’. It is advertising-supported software that can be both annoying and malicious. Some adware is legitimate, such as when it’s used by developers to generate revenue for free or open source applications or tools.
