.EXE files infect macOS

Trend Micro experts warn that a malicious .exe file can infect users of the macOS operating system, bypassing all protection systems. The claim seems absurd, given that the .exe extension is used in Windows systems, but the experts explained in detail how the attack is designed.

Researchers stumbled upon several samples of malicious .dmg files, the disk image format used on macOS. They were disguised as installation files of various popular programs and were distributed on torrent sites.

What is most interesting is that these samples included an EXE application compiled using the Mono framework, which makes files of this format compatible with macOS. Mono is an open source implementation of the Microsoft .NET Framework that allows developers to create cross-platform programs.

Usually, an EXE file produces an error when a user tries to run it on macOS. Another important fact is that security features like Gatekeeper do not scan .exe files for malicious code. The fake installer discovered by the experts is disguised as an installation file for the Little Snitch firewall.

During the installation process, the malware prompts the user to install an additional set of programs, some of which are disguised as Adobe Flash Media Player and Little Snitch. Experts could not identify any specific pattern in these attacks.

… We suspect that this specific malware can be used as an evasion technique for other attack or infection attempts to bypass some built-in safeguards such as digital certification checks since it is an unsupported binary executable in Mac systems by design. We think that the cybercriminals are still studying the development and opportunities from this malware bundled in apps and available in torrent sites, and therefore we will continue investigating how cybercriminals can use this information and routine. Users should avoid or refrain from downloading files, programs, and software from unverified sources and websites, and install a multi-layered protection for their individual and enterprise systems.
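The following is an added example, not code from the article or from Trend Micro. Because the .exe described above rides inside a .dmg and is not scanned by Gatekeeper, a defender can look for Windows PE files by content (not by extension) inside a mounted disk image or .app bundle and flag those carrying a .NET (CLR) header, which is what an assembly runnable under Mono has. The function names and the 4096-byte read limit are assumptions of this example.

```python
import os
import struct
import sys

CLR_DIR = 14  # data-directory slot of the .NET (CLR) runtime header
DIR_OFFSET = {0x10B: 96, 0x20B: 112}  # PE32 / PE32+ optional-header layouts


def classify_pe(data):
    """Return None (not a PE), 'native' or 'dotnet' from a file's leading bytes."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # An out-of-range e_lfanew yields an empty slice and is rejected here.
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 24  # skip the 4-byte signature and 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0] if len(data) >= opt + 2 else 0
    base = DIR_OFFSET.get(magic)
    if base is None or len(data) < opt + base + (CLR_DIR + 1) * 8:
        return "native"  # truncated or unknown optional header: still a PE
    (count,) = struct.unpack_from("<I", data, opt + base - 4)
    rva, size = struct.unpack_from("<II", data, opt + base + CLR_DIR * 8)
    return "dotnet" if count > CLR_DIR and rva and size else "native"


def scan_tree(root):
    """List (relative path, kind) for every PE file under root, whatever its name."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # do not follow links that point outside the image
            try:
                with open(path, "rb") as fh:
                    kind = classify_pe(fh.read(4096))  # headers sit near the start
            except OSError:
                continue
            if kind:
                hits.append((os.path.relpath(path, root), kind))
    return sorted(hits)


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python3 scan.py /Volumes/<mounted image>   (path is the caller's choice)
    for rel, kind in scan_tree(sys.argv[1]):
        print(f"{kind}\t{rel}")
```

Any hit inside an installer for a macOS-only product is worth triage before the bundle is opened, since a legitimate Mac application rarely ships a Windows executable.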

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
