Just because you’re using a Mac doesn’t mean you’re safe from hackers. That’s what two security researchers are warning, after finding a Mac-based malware that may be an attempt by Iranian hackers to target the U. S. defense industry.
The malware, called MacDownloader, was found on a website impersonating the U. S. aerospace company United Technologies, according to a report from Claudio Guarnieri and Collin Anderson, who are researching Iranian cyberespionage threats.
The fake site was previously used in a spear-phishing email attack to spread Windows malware and is believed to be maintained by Iranian hackers, the researchers claimed.
Visitors to the site are greeted with a page about free programs and courses for employees of the U. S. defense companies Lockheed Martin, Raytheon and Boeing.
The malware itself can be downloaded from an Adobe Flash installer for a video embedded in the site. The website will provide either Windows or Mac-based malware, depending on the detected operating system.
A screenshot of the fake site.
The MacDownloader malware was designed to profile the victim’s computer, and then steal credentials by generating fake system login boxes and harvesting them from Apple’s password management system, Keychain.
