.png)
Beware, Mac users! Cybercriminals are up to no good, spreading malware through pirated software. According to cybersecurity experts at Kaspersky, these malicious software programs, hidden in pirated apps, are distributed as PKG files instead of the usual disk images.
This new wave of malware is specifically targeting people who download cracked versions of popular apps from unauthorized websites. The hackers are employing proxy trojans, turning infected Mac devices into hubs for spreading malware, and launching hacking and phishing campaigns.
Kaspersky detected this troubling trend back in April, revealing that the malware campaign focuses on users who opt for free, pirated versions of premium apps. The trojan has been found in 35 popular apps related to image editing, video compression, editing, data recovery, and network scanning.
Some well-known apps carrying this trojan include 4K Video Downloader Pro, Aissessoft Mac Data Recovery, Sketch, and Wondershare UniConverter 13. Unlike legitimate macOS software, these infected versions are packaged as PKG files, running with high-level permissions that allow them to modify system files, autorun on startup, and execute commands.
To make matters worse, the trojan disguises itself by adopting the name 'WindowServer,' a legitimate macOS process. The file responsible for launching this process is named 'GoogleHelperUpdater.plist,' mimicking a Chrome file and making detection more challenging.
While the specific commands executed by the malware remain unknown, it uses TCP and UDP networking protocols to act as a proxy. Kaspersky's report also hints that the trojan might be impacting Android and Windows devices alongside macOS.
Stay vigilant, Mac users! Make sure to steer clear of pirated software to keep your devices safe from these sneaky cyber threats.
