New WildPressure Malware Capable of Targeting Windows and MacOS

Published: 23/11/2024   Category: security




The Trojan sends information back to the attackers' servers about the programming language of a target device.



WildPressure, an advanced persistent threat (APT) actor that targets businesses in the industrial sector in the Middle East, is using revamped malware that is able to infect and run on both Windows and macOS systems.
Researchers with Kaspersky have been watching WildPressure and tracking Milum, a malicious Trojan used by the group, since August 2019. Earlier this year, they identified a new WildPressure attack carried out with newer versions of Milum malware. The files discovered contained the Milum Trojan written in C++ and a corresponding Visual Basic Script (VBScript) variant. Another version they found, written in Python, was developed for Windows and macOS. 
In investigating WildPressure, researchers found that Milum sends information back to the attackers' servers about the programming language in which the target device is written.
“When first investigating the campaign in 2020, Kaspersky researchers suspected that this pointed to the existence of different versions of this Trojan in different languages. Now this theory has been confirmed.”
The post notes that multi-platform malware capable of infecting devices that run on macOS is rare.
“This particular specimen was delivered in a package, which included the malware, Python library and a script named ‘Guard’. This enabled the malware to launch both on Windows and macOS with little additional efforts.”
Further investigation into this attack uncovered another version of the malware written in Python, which was developed for both Windows and macOS operating systems. All three versions of the Trojan were able to download and execute commands from the operator, collect information, and upgrade themselves to a newer version.
More information can be found here.
