trojan

Cyberthreat update from Acronis CPOCs: Week of March 15, 2021

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.

Part of this work includes video updates to inform you of modern hazards in the digital landscape — such as malware strikes on financial institutions and newly-discovered cyberthreats. Here’s a look at some of the most recent breaking news and analyses:

Cyberthreat update from Acronis CPOCs: Week of November 30, 2020

Here at Acronis, we’re always monitoring for dangers to your data, deploying updates to handle newly-discovered vulnerabilities, and issuing alerts and recommendations to help you stay protected. Our global network of Acronis Cyber Protection Operations Centers (CPOCs) continue to work around the clock to proactively detect and defend against the latest cyberthreats.

Part of this work includes video updates to inform you of modern hazards in the digital landscape — such as evolutions of notorious cyberthreats, and the new hazards facing holiday shoppers. Here’s a look at some of the most recent breaking news and analyses:

Top cyberthreat against macOS now installs adware with a Python script

The first examples of the Shlayer malware family were discovered in February 2018. Since then, it has become the most popular macOS first-stage trojan-downloader.

Shlayer remotely installs other malicious or potentially unwanted applications such as Cimpli, Bnodlero, Geonei, and Pirrit adware for macOS X desktops and laptops, mostly targeting US-based users. Once installed, the adware collects the victim’s personal data and tracks browsing activities that can be used to target additional ads. This newest version of the trojan leverages a Python script for stealthier execution of the malicious payload and employs data encryption for communications with its external command and control (C&C) server.