• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 24th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News
Apple News

New OSX.Pirrit Malware floods Mac devices with ads; spies on users

December 15th, 2017 Waqas Security, Apple News, Malware 0 comments
New OSX.Pirrit Malware floods Mac devices with ads; spies on users
Share on FacebookShare on Twitter

Security firm Cybereason’s principal security researcher Amit Serper has discovered an invasive OSX.Pirrit adware variant that has been launched to target macOS so that attackers could invade and completely hijack any Mac computer. Already thousands of Mac devices across the globe have been infected with the adware.

This campaign is a bit different from regular adware campaigns, stated Serper, since other such campaigns let the attacker bombard a computer with ads while this particular campaign not only floods the computer with ads but additionally spies on the user. It also allows attackers to capture personal information of the user and claim the highest level user privileges. It steals sensitive personal data including bank account logins and critical financial and business data.

“As for OSX.Pirrit malware, it runs under root privileges, creates autoruns and generates random names for itself on each install. Plus, there are no removal instructions and some of its components mask themselves to appear like they’re legitimate and from Apple,” wrote Serper.

Serper stated that the adware was ‘Very Active’ and still infecting Macs; previous versions of OSX.Pirrit utilized rogue browser plug-ins and also attempted to install a proxy server on the hijacked device but this particular version uses Apple’s scripting/automation language dubbed as AppleScript. Using AppleScript enables the malware to inject JavaScript code into the browser directly, which shows how any adtech firm can exploit “nefarious tactics” present in the malware to protect the malware from being detected by antivirus software.

Serper noted that Israeli firm TargetingEdge has created OSX-Pirrit and the malware authors’ have worked really hard to avoid detection since the firm claims to be involved in the development and operation of “legitimate and legal installer product for Mac users.”

New OSX.Pirrit Malware floods Mac devices with ads; spies on users

TargetingEdge’s profile (Image credit: Cybereason)

Serper also stated that the firm was threatening with legal action for relating it to the malware. Cybereason has been publishing reports since April 2016 in which it has named TargetingEdge [PDF] for this adware and the third report [PDF] was published this week. All the reports were written by Serper and in his latest report [PDF], Serper has referred to the malware as Nasty.

“For the past two weeks, they’ve tried to prevent me from publishing this research. Cybereason has received a few cease and desist letters from a firm claiming to be TargetingEdge’s legal counsel. The letters demand that we stop referring to TargetingEdge’s software as malware and refrain from publishing this report,” wrote Serper.

Top, featured image via Flickr

  • Tags
  • Adware
  • Apple
  • Cyber Crime
  • internet
  • Israel
  • Mac
  • Malware
  • Privacy
  • security
  • Technology
Facebook Twitter LinkedIn Pinterest
Previous article Hackers Deploy Triton Malware to Shut Down Power Station
Next article Everything you need to know about virtual private networks (VPN)
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
SonicWall hacked after 0-day flaws exploited by hackers

SonicWall hacked after 0-day flaws exploited by hackers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Gamarue malware found in UK Govt-funded laptops for homeschoolers

Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
SonicWall hacked after 0-day flaws exploited by hackers
Hacking News

SonicWall hacked after 0-day flaws exploited by hackers

63
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

118
Gamarue malware found in UK Govt-funded laptops for homeschoolers
Security

Gamarue malware found in UK Govt-funded laptops for homeschoolers

577

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us