The first examples of the Shlayer malware family were discovered in February 2018. Since then, it has become the most popular macOS first-stage trojan-downloader. Shlayer remotely installs other malicious or potentially unwanted applications such as Cimpli, Bnodlero, Geonei, and Pirrit adware for macOS X desktops and laptops, mostly targeting US-based users. Once installed, the adware collects the victim’s personal data and tracks browsing activities that can be used to target additional ads. This newest version of the trojan leverages a Python script for stealthier execution of the malicious payload and employs data encryption for communications with its external command and control (C&C) server. The Python script and crypto library are delivered inside the trojan’s DMG installer.
Sekhmet ransomware, which first appeared in March 2020, has already disclosed data stolen from at least six victims to date. One recent known attack, which occurred on 20 June 2020, targeted SilPac, a gas handling solutions company based in Santa Clara, California.
The threat actor begins the attack by compromising the company’s network via the RDP service, either using brute force to guess weak passwords or using stolen credentials bought on the Dark Web. Next, the attacker performs second-stage reconnaissance. To elevate privileges, the attacker exploits the CVE-2017-0213 vulnerability in the Windows COM Aggregate Marshaler to run arbitrary code with elevated privileges.
Acronis has been named a TAG Cyber Distinguished Vendor in 2021, and the benefits of this designation include being featured in the firm’s flagship “Security Annual” quarterly reports. To this end, TAG Cyber’s Q2’21 report was recently published. The report is, for lack of a better word, a “beast.” It is over 100 pages long and includes 10 op-eds, 13 interviews with industry executives, and five technical whitepapers. While we certainly recommend the entire thing, we also know your time may be limited. That’s why we made a summary of the report, streamlined to the content most relevant to the Acronis community. Let's take a quick look at what's included.