View Full Version : OSX/MaMi DNS Hijacker novo otkriveni malware za macOS

16-01-2018, 07:35
Promenom DNS adresa preusmerava saobracaj preko svojih servera gde moze da kupi razne informacije sa racunara.

“OSX/MaMi isn’t particularly advanced – but does alter infected systems in rather nasty and persistent ways,” Wardle writes.
“By installing a new root certificate and hijacking the DNS servers, the attackers can perform a variety of nefarious actions such as man-in-the-middle’ing traffic (perhaps to steal credentials, or inject ads)” or to insert cryptocurrency mining scripts into web pages.
Furthermore the malware’s reach is said to extend to things such as generating mouse events, taking screenshots, and more:

Taking screenshots
Generating simulated mouse events
Perhaps persists as a launch item (programArguments, runAtLoad)
Downloading & uploading files
Executing commands

Potrebno je proveriti sledeca DNS podesavanja posto antivirus jos uvek ne detektuje pomenuti malware.

Currently, you can check to make sure you aren’t affected by launching System Preferences, heading into the Network menu, choosing “Advanced” and toggling over to the DNS menu. On that menu, keep an eye out for and

Izvor vesti: https://9to5mac.com/2018/01/15/macos-dns-hijacking-malware/
Takodje detaljnije opisano oko pronalazenja DNS adresa na racunaru: https://thehackernews.com/2018/01/macos-dns-hijacker.html?m=1