Security

.EXE files infect macOS

Trend Micro experts warn that a malicious .exe file can infect users of the macOS operating system, bypassing all protection systems. The statement seems absurd, given that the .exe extension is used in Windows systems, but the experts explained in detail the design of this attack.

Researchers stumbled upon several samples of malicious .dmg files that are used in the macOS system. They were disguised as installation files of various popular programs and were distributed on torrent sites.

What is most interesting is that these samples included an EXE application compiled using the Mono framework, which makes files of this format compatible with macOS. Mono is an open source implementation of the Microsoft .NET Framework that allows developers to create cross-platform programs.

Usually EXE files when trying to run on macOS give an error. Another important fact is that security features like Gatekeeper do not scan .exe files for malicious code. Fake installer, discovered by experts, is disguised as an installation file from the Little Snitch firewall:

During the installation process, the malware prompts the user to install an advanced set, some of which are disguised as Adobe Flash Media Player and Little Snitch. Experts could not identify any specific pattern of these attacks.

… We suspect that this specific malware can be used as an evasion technique for other attack or infection attempts to bypass some built-in safeguards such as digital certification checks since it is an unsupported binary executable in Mac systems by design. We think that the cybercriminals are still studying the development and opportunities from this malware bundled in apps and available in torrent sites, and therefore we will continue investigating how cybercriminals can use this information and routine. Users should avoid or refrain from downloading files, programs, and software from unverified sources and websites, and install a multi-layered protection for their individual and enterprise systems.

Trend Micro Solutions

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Chernars pop-up ads (Virus Removal Guide)

Chernars.com is a domain that tries to force you into subscribing to its browser notifications…

20 hours ago

Remove Eclipse-adblocker.pro pop-up ads (Virus Removal Guide)

Eclipse-adblocker.pro is a site that tries to trick you into clik to its browser notifications…

20 hours ago

Remove Initiateadvancedcompletelythe-file.top pop-up ads (Virus Removal Guide)

Initiateadvancedcompletelythe-file.top is a site that tries to force you into subscribing to its browser notifications…

20 hours ago

Remove Pbmsoultions pop-up ads (Virus Removal Guide)

Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…

4 days ago

Remove Prizestash pop-up ads (Virus Removal Guide)

Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…

4 days ago

Remove Verifiedbreaking pop-up ads (Virus Removal Guide)

Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…

4 days ago