Security News > 2023 > January > Dridex malware pops back up and turns its attention to macOS

A variant of the bad penny that is Dridex, the general-purpose malware that has been around for years, now has macOS platforms in its sights and a new way of delivering malicious macros via documents.

While the Dridex variant has macOS systems in its sights, the malicious payload it delivers is a Microsoft exe file, which won't run in a MacOS environment.

According to Check Point researchers, Dridex is still most often used as a trojan against financial institutions - it was the fourth most prevalent malware variant in 2021, they wrote last year - but it continues to evolve, which has helped keep it relevant on the cyberthreat scene.

The sample Trend Micro investigated comes in the Mach object file format, a file format in macOS. Once in, the payload is assembled and the malware searches for files with.

Despite this, the malware in the Dridex variant "Will overwrite all the document files for the current user, including the clean files," he wrote.

"Currently, the impact on macOS users for this Dridex variant is minimized since the payload is an exe file," Pedragoza writes.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/01/06/dridex_macos_microsoft_malware/