Microsoft retracts its report on Mac ransomware

2023-01-12 13:42

Anti-analysis techniques are deployed by malware to evade analysis or render the file analysis much more complex and difficult for researchers and malware sandboxes.

File enumeration is a critical operation for ransomware operators.

The output of the find command is then provided to the malware in order to run its operations on the discovered files.

FileCoder enumerates recursively all files from the macOS /Users and /Volumes folders, excluding files named README!

MacRansom is more specific: It searches for files in the /Volumes and the current user's home folder, but it checks for files bigger than 8 bytes, belonging to the current user for which they have read permissions enabled.

EvilQuest has the ability to infect Mach object file format files by prepending its code to targeted files.

News URL

https://www.techrepublic.com/article/microsoft-retracts-mac-ransomware-report/

#MAC #microsoft #ransomware #report

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		672	801	4435	4121	3695	13052

News URL

Related news

Related vendor