Cybersecurity experts have recently uncovered a new proxy trojan malware campaign targeting Mac users who download pirated software from warez sites.
The malware infects the users’ computers and turns them into proxy servers that cybercriminals can use to hide their identity and location while conducting malicious or illegal activities online.
What is proxy trojan malware, and why is it dangerous?
Proxy trojan malware is a type of malware that installs a proxy service on the infected computer, allowing the attacker to route their internet traffic through it. This way, the attacker can disguise their IP address and location, making it harder for law enforcement or security researchers to trace them.
This malware can be used for various purposes, such as hacking, phishing, spamming, or buying and selling illicit goods on the dark web. The infected computer becomes part of a botnet, a network of compromised devices that the attacker can control remotely.
The proxy trojan malware poses a serious threat to Mac users' security and privacy, as well as to their computers' performance and bandwidth.
The malware consumes a lot of system resources and internet data, slowing down the computer and increasing the internet bill. Moreover, Mac users may face legal consequences if their computer is used for criminal activities without their knowledge or consent.
How does the proxy trojan malware infect Mac users?
The malware campaign was discovered by Kaspersky, which reports that the earliest submission of the payload on VirusTotal dates to April 28, 2023. The malware is distributed through popular macOS software that is offered for free on warez sites, such as Adobe Photoshop, Microsoft Office, or Logic Pro.
The pirated software comes bundled with a malicious installer that runs a script that downloads and executes the proxy trojan malware in the background. The script also modifies the system settings to ensure the malware runs automatically at startup and persists even after rebooting.
The malware then connects to a command-and-control server that instructs it to start forwarding traffic to a specified destination. The server also sends updates and configuration files to the malware periodically.
How can Mac users prevent and remove proxy trojan malware?
The best way to prevent proxy trojan malware infection is to avoid downloading pirated software from warez sites or other untrusted sources. Mac users should always use legitimate and updated software from official vendors or app stores. They should also install a reliable antivirus program that can detect and block malicious files and processes.
If Mac users suspect they have been infected by proxy trojan malware, they should scan their system with an antivirus tool and remove any suspicious files or applications. They should also check their network settings and firewall rules and remove any unauthorized entries. Additionally, they should change their passwords and monitor their online accounts for any signs of compromise or fraud.
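launchd agents and daemons are the standard macOS mechanism for starting a program at login or boot, so they are a sensible place to look for the startup persistence described above. The following is an added example, not code from the original article or from Kaspersky's report; it assumes persistence via launchd, uses a hypothetical list of expected path prefixes, and embeds constructed sample jobs. A flag means "review manually", not "malicious".

```python
import plistlib
from pathlib import Path

# Standard launchd locations on macOS (per-user agents, system agents, daemons).
LAUNCHD_DIRS = ["~/Library/LaunchAgents", "/Library/LaunchAgents", "/Library/LaunchDaemons"]
# Assumption: programs under these prefixes are in expected install locations.
TRUSTED_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/", "/Applications/", "/Library/")
SHELLS = {"sh", "bash", "zsh"}

def audit_job(job):
    """Return reasons why a parsed launchd job deserves manual review."""
    args = list(job.get("ProgramArguments") or [])
    prog = job.get("Program") or (args[0] if args else None)
    if not prog:
        return ["no program specified"]
    reasons = []
    if not prog.startswith(TRUSTED_PREFIXES):
        reasons.append("program outside expected install locations")
    if any(part.startswith(".") for part in Path(prog).parts):
        reasons.append("program in hidden file or directory")
    if Path(prog).name in SHELLS and "-c" in args[1:]:
        reasons.append("shell running an inline command")
    if reasons and (job.get("RunAtLoad") or job.get("KeepAlive")):
        reasons.append("starts automatically at login or boot")
    return reasons

def audit_dirs(dirs=LAUNCHD_DIRS):
    """Map each flagged plist path to its reasons; unreadable files are flagged too."""
    findings = {}
    for d in dirs:
        for plist in sorted(Path(d).expanduser().glob("*.plist")):
            try:
                with open(plist, "rb") as fh:
                    reasons = audit_job(plistlib.load(fh))
            except Exception as exc:
                reasons = [f"unreadable plist: {exc}"]
            if reasons:
                findings[str(plist)] = reasons
    return findings

# Constructed sample jobs for illustration (not indicators from the reported campaign).
SAMPLE_BENIGN = {"Label": "com.example.updater", "RunAtLoad": True,
                 "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater"]}
SAMPLE_ODD = {"Label": "com.example.helper", "RunAtLoad": True, "KeepAlive": True,
              "ProgramArguments": ["/Users/alice/Library/Application Support/.cache/helper"]}

if __name__ == "__main__":
    for path, reasons in audit_dirs().items():
        print(path, "->", "; ".join(reasons))
```

Legitimate software can also trip these heuristics, so confirm what a flagged program is before removing its launchd entry.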