malicious – Page 16 – Tech Today w/ Ken May

Mac users installing popular DVD ripper get nasty backdoor instead

(credit: Patrick Wardle ) Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday. Over a four-day period ending Saturday, a download mirror located at download.handbrake.fr delivered a version of the video conversion software that contained a backdoor known as Proton, HandBrake developers warned over the weekend . At the time that the malware was being distributed to unsuspecting Mac users, none of the 55 most widely used antivirus services detected it. That’s according to researcher Patrick Wardle , who reported results here and here from the VirusTotal file-scanning service. When the malicious download was opened, it directed users to enter their Mac administer password, which was then uploaded in plain text to a server controlled by the attackers. Once installed, the malware sent a variety of sensitive user files to the same server. In a blog post published Monday morning , Thomas Reed, director of Mac offerings at antivirus provider Malwarebytes, wrote: Read 5 remaining paragraphs | Comments

View original post here:
Mac users installing popular DVD ripper get nasty backdoor instead

Mac users installing popular DVD ripper get nasty backdoor instead

(credit: Patrick Wardle ) Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday. Over a four-day period ending Saturday, a download mirror located at download.handbrake.fr delivered a version of the video conversion software that contained a backdoor known as Proton, HandBrake developers warned over the weekend . At the time that the malware was being distributed to unsuspecting Mac users, none of the 55 most widely used antivirus services detected it. That’s according to researcher Patrick Wardle , who reported results here and here from the VirusTotal file-scanning service. When the malicious download was opened, it directed users to enter their Mac administer password, which was then uploaded in plain text to a server controlled by the attackers. Once installed, the malware sent a variety of sensitive user files to the same server. In a blog post published Monday morning , Thomas Reed, director of Mac offerings at antivirus provider Malwarebytes, wrote: Read 5 remaining paragraphs | Comments

Link:
Mac users installing popular DVD ripper get nasty backdoor instead

Mac users installing popular DVD ripper get nasty backdoor instead

(credit: Patrick Wardle ) Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday. Over a four-day period ending Saturday, a download mirror located at download.handbrake.fr delivered a version of the video conversion software that contained a backdoor known as Proton, HandBrake developers warned over the weekend . At the time that the malware was being distributed to unsuspecting Mac users, none of the 55 most widely used antivirus services detected it. That’s according to researcher Patrick Wardle , who reported results here and here from the VirusTotal file-scanning service. When the malicious download was opened, it directed users to enter their Mac administer password, which was then uploaded in plain text to a server controlled by the attackers. Once installed, the malware sent a variety of sensitive user files to the same server. In a blog post published Monday morning , Thomas Reed, director of Mac offerings at antivirus provider Malwarebytes, wrote: Read 5 remaining paragraphs | Comments

View article:
Mac users installing popular DVD ripper get nasty backdoor instead

Mac users installing popular DVD ripper get nasty backdoor instead

(credit: Patrick Wardle ) Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday. Over a four-day period ending Saturday, a download mirror located at download.handbrake.fr delivered a version of the video conversion software that contained a backdoor known as Proton, HandBrake developers warned over the weekend . At the time that the malware was being distributed to unsuspecting Mac users, none of the 55 most widely used antivirus services detected it. That’s according to researcher Patrick Wardle , who reported results here and here from the VirusTotal file-scanning service. When the malicious download was opened, it directed users to enter their Mac administer password, which was then uploaded in plain text to a server controlled by the attackers. Once installed, the malware sent a variety of sensitive user files to the same server. In a blog post published Monday morning , Thomas Reed, director of Mac offerings at antivirus provider Malwarebytes, wrote: Read 5 remaining paragraphs | Comments

Continue Reading:
Mac users installing popular DVD ripper get nasty backdoor instead

Mac users installing popular DVD ripper get nasty backdoor instead

(credit: Patrick Wardle ) Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday. Over a four-day period ending Saturday, a download mirror located at download.handbrake.fr delivered a version of the video conversion software that contained a backdoor known as Proton, HandBrake developers warned over the weekend . At the time that the malware was being distributed to unsuspecting Mac users, none of the 55 most widely used antivirus services detected it. That’s according to researcher Patrick Wardle , who reported results here and here from the VirusTotal file-scanning service. When the malicious download was opened, it directed users to enter their Mac administer password, which was then uploaded in plain text to a server controlled by the attackers. Once installed, the malware sent a variety of sensitive user files to the same server. In a blog post published Monday morning , Thomas Reed, director of Mac offerings at antivirus provider Malwarebytes, wrote: Read 5 remaining paragraphs | Comments

Microsoft Word 0-day used to push dangerous Dridex malware on millions

Enlarge / A sample e-mail from Dridex campaign exploiting Microsoft Word zero-day. (credit: Proofpoint) Booby-trapped documents exploiting a critical zero-day vulnerability in Microsoft Word have been sent to millions of people around the world in a blitz aimed at installing Dridex, currently one of the most dangerous bank fraud threats on the Internet. As Ars reported on Saturday, the vulnerability is notable because it bypasses exploit mitigations built into Windows, doesn’t require targets to enable macros, and works even against Windows 10, which is widely considered Microsoft’s most secure operating system ever. The flaw is known to affect most or all Windows versions of Word, but so far no one has ruled out that exploits might also be possible against Mac versions. Researchers from security firms McAfee and FireEye warned that the malicious Word documents are being attached to e-mails but didn’t reveal the scope or ultimate objective of the campaign. In a blog post published Monday night , researchers from Proofpoint filled in some of the missing details, saying the exploit documents were sent to millions of recipients across numerous organizations that were primarily located in Australia. Proofpoint researchers wrote: Read 2 remaining paragraphs | Comments

Continued here:
Microsoft Word 0-day used to push dangerous Dridex malware on millions