Largely undetected Mac malware suggests disgraced HackingTeam has returned

“Researchers have uncovered what appears to be newly developed Mac malware from HackingTeam, a discovery that’s prompting speculation that the disgraced malware-as-a-service provider has reemerged since last July’s hack that spilled gigabytes worth of the group’s private e-mail and source code,” Dan Goodin reports for Ars Technica.

“The sample was uploaded on February 4 to the Google-owned VirusTotal scanning service, which at the time showed it wasn’t detected by any of the major antivirus programs,” Goodin reports. “(Ahead of this report on Monday, it was detected by 10 of 56 AV services.) A technical analysis published Monday morning by SentinelOne security researcher Pedro Vilaça showed that the installer was last updated in October or November, and an embedded encryption key is dated October 16, three months after the HackingTeam compromise.”

Goodin reports, “The sample installs a copy of HackingTeam’s signature Remote Code Systems compromise platform, leading Vilaça to conclude that the outfit’s comeback mostly relies on old, largely unexceptional source code, despite the group vowing in July that it would return with new code.”

Read more in the full article here.

Adobe updates Flash software to fix yet another security hole – July 8, 2015


Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.