JAKARTA - Kaspersky researchers have identified macOS variants of HZ Rat's backdoor targeting WeChat and DingTalk users, two popular messaging platforms from China.
The malware, which was first detected on the Windows system, now threatens macOS. The macOS version of HZ Rat is distributed through the installation of the fake OpenVPN Connect application.
This install contains a valid VPN client along with two dangerous files: the backdoor itself and a script that launches a backdoor with VPN clients.
Once started, the backdoor is connected to the attacker's server using a pre-defined IP address list, with all communications encrypted to avoid detection.
Analysis of Kaspersky experts shows that macOS' backdoor collects information such as victim usernames, office email addresses, and phone numbers from unprotected DingTalk and WeChat data files.
BACA JUGA:
-
| TEKNOLOGI
Circle to Search Akan Ditambahkan ke Ponsel Tecno dan Xiaomi 14T
19 September 2024, 23:35 -
| TEKNOLOGI
Uni Eropa Mulai Tindak Apple Terkait Pembukaan Ekosistem Bagi Pesaing
20 September 2024, 02:05 -
| TEKNOLOGI
Badan Penasihat PBB Usulkan Tujuh Rekomendasi untuk Pengaturan AI
20 September 2024, 07:05 -
| TEKNOLOGI
Hypernet dan Versa Networks Perkuat Keamanan Siber dengan SSE Versa
20 September 2024, 08:30
To reduce the risk of malware infections such as HZ Rat, Kaspersky recommends the following:
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
