OSX / Linker malware uses workaround bug in macOS X Gatekeeper
Gatekeeper #Gatekeeper
SC Media> Home> Security News> Malware> New OSX / Linker Malware Created to Exploit MacOS X Gatekeeper Bypass Bug
Mac researchers have discovered a new malware program specifically designed to exploit a recently disclosed zero-day bypass vulnerability in macOS X Gatekeeper, which has yet to be patched.
The malware is called OSX / Linker and appears to have been created by the same developers behind OSX / Surfbuyer, an adware program that also targets Mac users, according to Joshua Long, chief security analyst at Intego in a June 24 company. blog post.
Gatekeeper is a feature that enforces code signing and verifies downloaded applications before running on a system. However, on May 24, independent researcher Filippo Cavallarin publicly announced that actors could sneak malicious apps past Gatekeeper’s protection by hosting them on an attacker-controlled Network File System (NFS) server and then using a symbolic link (aka symlink) to that app, then fool potential victims by downloading a .zip archive containing that symlink.
Register to continue.
Already registered? Log in.
Once you have registered, you will receive:
News analysis
The context and insight you need to stay on top of the most important developments in cybersecurity. CISO and practice perspectives; strategy and tactics; solutions and innovation; policies and regulations.
Archives
Unlimited access to nearly 20 years of SC Media industry analysis and news for you to use.
Daily Newswire
SC Media’s essential morning briefing for cybersecurity professionals.
Learning Express
One-click access to our extensive program of virtual events, with helpful calendar reminders and the ability to earn CISSP credits.
Subjects:
Vulnerability management with malware
Read more?
Please login or register first to view this content.
Login Register
Open
Next post in Malware
Close to
Via: www.scmagazine.com
Don’t Go Read more:
Compsmag is supported by its audience. When you buy through links on our website, we may earn an affiliate commission fee. Learn more