MacOS Malware Poses as Adobe Zii, Steals Credit Card Info and Mines Koto Cryptocurrency

By Luis Magisa
We’ve seen a diverse range of methods cybercriminals use to trick potential victims, but this one is certainly unusual. Our latest analysis revealed that even illegal cracking software programs are being taken advantage of by cybercriminals to lure users into installing malicious apps. In this particular case, we found a malicious app posing as Adobe Zii (a tool used to crack Adobe products) targeting macOS systems to mine cryptocurrency and steal credit card information.
Technical Analysis
The malicious app, which was sourced from VirusTotal and first reported by Malwarebytes, arrives in the target system as “Adobe Zii.app.”
MacOS Malware Steals Credit Card Info
uploadminer.sh contains routines capable of stealing saved information from Google Chrome browsers. Target information includes origin URL, username, password, and credit card name, number, and expiration date.
Autostart Technique and Cryptocurrency-Mining
The malware also downloads a plist file from hxxp://46[.]226[.]108[.]171/com[.]apple[.]rig2[.]plist and saves it to ~/Library/LaunchAgents. The plist file will be used to launch xmrig2 to mine cryptocurrency. It also downloads a plist file from hxxp://46[.]226[.]108[.]171/com[.]apple[.]proxy[.]initialize[.]plist, which contains encrypted Python commands identical to the one that checks if Little Snitch is running and connects to the encrypted Empyre backend. These plist files are loaded into the system through the launchctl command, enabling them to run at startup.
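A defender can review the persistence location described above with a short script. The following is an added example, not code from the original analysis: it parses each plist in a per-user LaunchAgents folder and reports entries that use a com.apple name, run from outside system paths, or pass inline code to an interpreter. The heuristics, function names and sample plists are assumptions constructed for illustration.

```python
import plistlib
from pathlib import Path

# Heuristics, not proof. Assumption: Apple's own agents ship under
# /System/Library/LaunchAgents, so com.apple.* in a user folder needs review.
INTERPRETERS = {"python", "python3", "sh", "bash", "zsh", "perl", "ruby", "osascript"}
TRUSTED = ("/System/", "/usr/bin/", "/usr/sbin/", "/usr/libexec/", "/bin/", "/sbin/", "/Applications/")

def review_agent(filename, data):
    """Return review findings for one LaunchAgent plist supplied as bytes."""
    try:
        job = plistlib.loads(data)
    except Exception:
        return ["plist does not parse"]
    if not isinstance(job, dict):
        return ["top-level object is not a dictionary"]
    findings = []
    if filename.startswith("com.apple.") or str(job.get("Label", "")).startswith("com.apple."):
        findings.append("com.apple name in a user LaunchAgents folder")
    argv = [str(a) for a in job.get("ProgramArguments") or []]
    exe = str(job.get("Program") or (argv[0] if argv else ""))
    if exe and not exe.startswith(TRUSTED):
        findings.append("executable outside system paths: " + exe)
    if Path(exe).name in INTERPRETERS and any(a in ("-c", "-e") for a in argv[1:]):
        findings.append("interpreter runs inline code")
    if findings and (job.get("RunAtLoad") or job.get("KeepAlive")):
        findings.append("starts automatically (RunAtLoad/KeepAlive)")
    return findings

def scan_dir(folder):
    """Map plist filename -> findings for every flagged file in folder."""
    report = {}
    for path in sorted(Path(folder).expanduser().glob("*.plist")):
        findings = review_agent(path.name, path.read_bytes())
        if findings:
            report[path.name] = findings
    return report

# Constructed samples (not the plists served by the malware's host).
SAMPLE_MASQUERADE = plistlib.dumps({
    "Label": "com.apple.example", "RunAtLoad": True,
    "ProgramArguments": ["/usr/bin/python", "-c", "print('constructed')"]})
SAMPLE_BENIGN = plistlib.dumps({
    "Label": "org.example.backup", "RunAtLoad": True,
    "ProgramArguments": ["/usr/bin/rsync", "-a", "/tmp/a", "/tmp/b"]})

if __name__ == "__main__":
    for name, findings in scan_dir("~/Library/LaunchAgents").items():
        print(name, findings)
```

A flagged entry is a prompt for manual review of the plist and the program it launches, not a verdict.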
Trend Micro Solutions
MacOS users can stay safe from such threats by regularly updating the system and applications to patch exploitable vulnerabilities. Additionally, downloading software and applications from official websites and trusted app stores can protect against threats that pose as legitimate programs.
MacOS users can also benefit from security solutions such as Trend Micro Home Security for Mac, which provides comprehensive security and multi-device protection against cyberthreats. Enterprises can benefit from Trend Micro’s Smart Protection Suites with XGen™ security, which infuses high-fidelity machine learning into a blend of threat protection techniques to eliminate security gaps across any user activity and endpoint.
Indicators of Compromise (IoCs)
Updated: February 11, 2019 10:40 AM
Based on a more in-depth analysis, we found out that the cryptocurrency mined was Koto and not Monero. We changed Monero to Koto to reflect this correction.