Two very popular platforms, Slack and Discord, have been mired in some troubling circumstances. According to security researchers, there have been macOS malware attacks targeting users of the two platforms, especially those who tend to discuss cryptocurrencies.
The founder of security firm DutchSEC, Remco Verhoef, commented about the malware on June 30th in a blog post for the security and cybersecurity training organization SANS Institute. As Verhoef explained, the attackers operate by impersonating administrators or “key” individuals in crypto-related chats. Small snippets shared in the conversation then download and execute a malicious binary. The malware is damaging because it can track user passwords and store them on the local machine.
Patrick Wardle of Digita Security commented on the matter as well, stating that “apparently attackers are asking users to infect themselves” with a “rather massive Mach-O binary.” Wardle also identified several factors that make OSX.Dummy a dangerous piece of malware:
- Excessively large binary size
- Ineffective persistence mechanism
- Trivial to detect at every step
- Terrible infection method
It is also expected that such attacks will improve over time. To reduce the risk of such attacks, it may be best to enable multi-factor authentication. There have also been reports of a new attack on Bitcoin (BTC) users, which involves taking control of the clipboard in Windows to swap out a user’s BTC address for one belonging to the attacker. McAfee Labs also released a statement indicating that cryptojacking increased by 629 percent in the first quarter of 2018.