Russian cyber spies have developed a new generation of Trojans for Windows and Mac with a whole range of innovative techniques, say experts from research companies Fox-IT and Palo Alto Networks. In particular, the Trojans received an API that allows the hackers to change the direction of traffic between them and the C&C server if necessary.
The malware is developed using the .NET Framework software platform and comes in three versions: for Windows, Mac and Linux. Palo Alto researchers analyzed the Windows version, which is called Kazuar. Fox-IT experts found a Mac version, called Snake.
On the macOS platform, the trojan is distributed by sending an archive named Adobe Flash Player.app.zip. It contains an infected version of Adobe Flash Player: if users install it on a computer, then in addition to the working plug-in itself, they get a malicious backdoor that uses the LaunchDaemon service to start automatically.
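Because the backdoor persists through a LaunchDaemon, a review of the daemon jobs registered on a Mac is a natural manual check. The following is an added example, not code or indicators from Fox-IT or Palo Alto Networks: it parses every plist in a LaunchDaemons directory and reports auto-starting jobs whose executable sits in an unusual location. The allowed prefixes, the function names and the sample jobs are assumptions made for illustration.

```python
import plistlib
import tempfile
from pathlib import Path

# Assumption: prefixes where legitimately installed daemon binaries usually live.
EXPECTED_PREFIXES = ("/usr/", "/System/", "/Applications/", "/Library/")

def daemon_program(job):
    """Return the executable launchd would start for this job, or None."""
    if job.get("Program"):
        return str(job["Program"])
    args = job.get("ProgramArguments") or []
    return str(args[0]) if args else None

def audit_launch_daemons(directory="/Library/LaunchDaemons"):
    """Return (plist name, program, reason) for jobs that need a manual look."""
    findings = []
    for path in sorted(Path(directory).glob("*.plist")):
        try:
            with open(path, "rb") as fh:
                job = plistlib.load(fh)  # handles XML and binary plists
            if not isinstance(job, dict):
                raise ValueError("top-level object is not a dictionary")
        except Exception:
            findings.append((path.name, None, "unreadable plist"))
            continue
        program = daemon_program(job)
        autostart = bool(job.get("RunAtLoad")) or bool(job.get("KeepAlive"))
        if program is None:
            findings.append((path.name, None, "no program defined"))
        elif autostart and (not program.startswith(EXPECTED_PREFIXES) or "/." in program):
            findings.append((path.name, program, "auto-start from unusual path"))
    return findings

if __name__ == "__main__":
    # Constructed sample jobs (not indicators from the report), written to a temp dir.
    with tempfile.TemporaryDirectory() as tmp:
        samples = {
            "com.example.helper.plist": {"Label": "com.example.helper",
                                         "Program": "/Library/Example/helper", "RunAtLoad": True},
            "com.example.updater.plist": {"Label": "com.example.updater",
                                          "ProgramArguments": ["/Users/Shared/.cache/updater"],
                                          "KeepAlive": True},
        }
        for name, job in samples.items():
            with open(Path(tmp) / name, "wb") as fh:
                plistlib.dump(job, fh)
        for name, program, reason in audit_launch_daemons(tmp):
            print(f"{name}: {reason}: {program}")
```

On a real Mac, call `audit_launch_daemons()` with no argument to inspect `/Library/LaunchDaemons`; a finding is a prompt for manual review, not proof of infection.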
Experts believe that the malware was developed by the Russian cybercrime group Turla, associated with the longest-running cyber-spy campaign ever. The malicious software is a replacement for the Trojan Uroburos, which was destroyed in 2014 by G Data researchers.
Fox-IT experts, who discovered the malicious application, recommend scanning the Mac with the Malwarebytes utility. The presence of the malware can be checked manually in the following ways: