Only reinstalling the OS saves a Mac from this virus

13 August 2017, 13:38 | Technologies

The malicious software Mughthesec, distributed through advertising, masquerades as an Adobe Flash Player installer. After installation, to which the user must consent, the virus changes the search engine in the Safari browser. Cybersecurity researchers believe that the only effective way to remove Mughthesec is to reinstall macOS.

The Mughthesec attack.

New malicious software called Mughthesec is spreading on the web, and all devices running macOS are vulnerable to it. Mughthesec is an improved version of the long-known virus OperatorMac. This view is held, in particular, by cybersecurity researcher Thomas Reed of the antivirus developer Malwarebytes.

It is not known exactly how long Mughthesec has been active. A Twitter user named Neal wrote that he had encountered it at least six months ago. Cybersecurity researcher Patrick Wardle of Synack published an analysis of Mughthesec on the Objective-See blog.

How it works.

According to Wardle's observations, Mughthesec disguises itself as Player.dmg, an Adobe Flash Player installer for Mac, which installs on the device the player itself, Advanced Mac Cleaner, and Safe Finder and Booking.com for the Safari browser. Mughthesec is distributed through ads and pop-ups. For the attack to succeed, the user must agree to install Safe Finder.

Malware distributed through advertising usually hijacks the victim's browser for financial gain. After installation, Mughthesec changes the browser's home page to http://default27061330-a.akamaihd.net/s?q=@@@&_pg=564D4420-C090-470B-9C13-6760B31264E7. Outwardly the page looks harmless: there is almost nothing on it except a search box. In practice, however, it contains Safe Finder scripts.

In addition, the Any Search extension is installed in the browser. A search request passes through a series of affiliates before it is finally processed by Yahoo Search. Safe Finder icons and scripts are present in all search results.
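
A defender-side check for the two browser changes described above, as an added example that is not from the article or the researchers' analysis. The function names are hypothetical, the host pattern default<digits>-a.akamaihd.net is generalized from the single URL quoted here, and the live check assumes Safari's HomePage preference is readable with `defaults` and that legacy extensions are stored under ~/Library/Safari/Extensions.

```shell
#!/bin/sh
# Added example. Indicators come from the article: the home-page host
# default<digits>-a.akamaihd.net and the names Any Search / Safe Finder.

# Exit 0 if the URL's host matches the hijacked home-page pattern.
is_hijacked_homepage() {
    # Drop scheme, path/query/fragment, userinfo and port; lowercase the host.
    host=$(printf '%s\n' "$1" | sed -e 's|^[A-Za-z][A-Za-z0-9+.-]*://||' \
        -e 's|[/?#].*$||' -e 's|^.*@||' -e 's|:[0-9]*$||' | tr 'A-Z' 'a-z')
    case "$host" in
        default[0-9]*-a.akamaihd.net)
            # Require digits only between "default" and "-a".
            mid=${host#default}; mid=${mid%-a.akamaihd.net}
            case "$mid" in *[!0-9]*) return 1 ;; esac
            return 0 ;;
    esac
    return 1
}

# Print the names read from stdin that match the extensions named in the article.
flag_extensions() {
    grep -i -E 'any ?search|safe ?finder' || true
}

# Live check on a Mac (assumed locations, see the lead-in).
scan_safari() {
    home_url=$(defaults read com.apple.Safari HomePage 2>/dev/null || true)
    if [ -n "$home_url" ] && is_hijacked_homepage "$home_url"; then
        echo "Safari home page matches the reported pattern: $home_url"
    fi
    ls "$HOME/Library/Safari/Extensions" 2>/dev/null | flag_extensions |
        sed 's/^/Suspicious Safari extension: /'
}

# Run the live check only when asked, so the functions can be sourced and tested.
if [ "${1:-}" = "--scan" ]; then
    scan_safari
fi
```

Run it with `--scan` on the Mac being examined; a match is a reason to investigate further, not proof of infection.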

Removal methods.

Mughthesec is signed with an Apple developer certificate, so Gatekeeper does not react to it. It also has a mechanism that prevents antivirus programs from detecting it. At least, none of the engines on the online scanner VirusTotal flagged Mughthesec, Wardle reports. Twitter user Gavriel State, who first drew attention to Mughthesec, confirms that the virus is able to evade protection.

According to Wardle, Mughthesec can be downloaded to the victim's computer as many times as necessary. Simple removal is therefore not an effective way to combat the virus. The researcher recommends reinstalling macOS on the device to be sure of getting rid of the threat.



