Dridex malware pops back up and turns its attention to macOS

A variant of the bad penny that is Dridex, the general-purpose malware that has been around for years, now has macOS platforms in its sights and a new way of delivering malicious macros via documents.
While the Dridex variant has macOS systems in its sights, the malicious payload it delivers is a Microsoft exe file, which won't run in a macOS environment.
According to Check Point researchers, Dridex is still most often used as a trojan against financial institutions - it was the fourth most prevalent malware variant in 2021, they wrote last year - but it continues to evolve, which has helped keep it relevant on the cyberthreat scene.
The sample Trend Micro investigated comes in the Mach object file format, a file format in macOS. Once in, the payload is assembled and the malware searches for files with.
Despite this, the malware in the Dridex variant "will overwrite all the document files for the current user, including the clean files," he wrote.
"Currently, the impact on macOS users for this Dridex variant is minimized since the payload is an exe file," Pedragoza writes.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/01/06/dridex_macos_microsoft_malware/