Malware disguised as Zoom attacks macOS users

Stealth

A new piece of malware disguised as Zoom is currently targeting macOS users who are not sufficiently vigilant.

Although macOS users are often considered less exposed to computer attacks than Windows users, the reality is that cyber threats do not pass them by entirely. A new virus, disguised as a fake Zoom plugin, has begun to target Mac users, using techniques designed to deceive them and infiltrate their systems.

One user reported being the target of two attack attempts through a link that appeared to download a legitimate Zoom plugin. In fact, the link directed users to a dangerous script that deployed an executable file on the macOS system, infecting the device.

Alex “Jay” Bălan, a cyber security expert, analyzed the link and discovered that it executes a Bash script that uses Base64. This script copies a hidden file (.Zoom) into a temporary folder on the victim's system and runs it. Particularly alarming is the fact that only 2 out of 23 antivirus programs detected this threat, which suggests that it is quite sophisticated.

Malware applications for Mac can affect a large number of users.

A worrying aspect highlighted by this attack is the attitude of many Mac users towards cyber security. Unlike Windows users, who are accustomed to using antivirus and anti-malware solutions, macOS users often rely only on the security measures built into the system. This excessive confidence can make them vulnerable to complex attacks that bypass traditional protective mechanisms.

In fact, this malware disguised as Zoom relies on precisely this: on the lack of antivirus / anti-malware protection, and on the naivety of users who download applications from dubious links and execute commands in the Terminal utility without knowing what they do or what their purpose is.

How to protect yourself from this malware disguised as Zoom and from other attacks on macOS

First of all, always check the source before downloading applications or plugins. Even seemingly legitimate software can hide threats. On careful inspection, a user can tell whether the web address an application is downloaded from is legitimate or not. That is the case here: this malware disguised as Zoom is downloaded from a dubious web address that starts with "zoom" in order to mislead.


Do not drag or execute unknown files in Terminal. This is a trick often used by attackers to bypass the security measures of macOS. Through the Terminal utility, commands and scripts can be run that get past macOS security measures or disable them.


Use up-to-date security software. Even if many threats initially go undetected, frequent updates to antivirus and anti-malware applications can increase the chances of protection.

Keep your operating system and applications updated. Apple's security patches can close the vulnerabilities exploited by attackers.


Install applications from safe sources. It is preferable to install macOS apps from the App Store or from trusted web pages of developers who digitally sign their applications.
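As an added illustration of the Terminal advice above (not code from this article or from the analyst it cites), the following Python example inspects a command copied from a web page without ever running it: it decodes any Base64 layers and reports the behaviours described earlier, such as a hidden file in a temporary folder. The names triage and decode_layers, the indicator list and the sample command are assumptions constructed for this example.

```python
import base64
import re

# Long Base64-looking runs; short tokens are ignored to limit false positives.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
# Indicators modelled on the behaviour the article describes (assumed list).
CHECKS = [
    ("decodes Base64 at run time", re.compile(r"base64\s+(-d|-D|--decode)\b")),
    ("pipes data into a shell", re.compile(r"\|\s*(ba|z)?sh\b")),
    ("touches a hidden file in a temp folder",
     re.compile(r"(/tmp|/private/tmp|/var/folders|\$TMPDIR)\S*/\.\w+")),
    ("marks a file executable",
     re.compile(r"chmod\s+(\S*\+x|[0-7]*[1357][0-7]*)\b")),
]

def decode_layers(text, max_depth=3):
    """Return text plus every readable Base64 layer inside it (never executed)."""
    layers, queue = [text], [(text, 0)]
    while queue:
        current, depth = queue.pop()
        if depth >= max_depth:
            continue
        for blob in B64_RUN.findall(current):
            try:
                decoded = base64.b64decode(blob, validate=True).decode("utf-8")
            except (ValueError, UnicodeDecodeError):
                continue  # not valid Base64 or not text: ignore
            if all(c.isprintable() or c.isspace() for c in decoded):
                layers.append(decoded)
                queue.append((decoded, depth + 1))
    return layers

def triage(command):
    """List the reasons a pasted Terminal command deserves a closer look."""
    findings = []
    for layer in decode_layers(command):
        for reason, pattern in CHECKS:
            if pattern.search(layer) and reason not in findings:
                findings.append(reason)
    return findings

# Constructed sample modelled on the article's description; it is never run.
INNER = "cp ./plugin /tmp/.Zoom && chmod +x /tmp/.Zoom && /tmp/.Zoom"
SAMPLE = "echo " + base64.b64encode(INNER.encode()).decode() + " | base64 -d | bash"

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("WARNING:", reason)
```

An empty result does not prove a command is safe; the check only surfaces the specific patterns listed in CHECKS.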

As for this malware disguised as Zoom, analysts continue to study it, and investigations are in progress. In the meantime, it is important to remain vigilant and to adopt stricter security practices, regardless of the platform we use. This incident is another alarm signal that macOS users are not immune to cyber attacks either.

I've been writing passionately since 2004 about Windows and Linux operating systems, and since 2010 I've become a fan of Apple University. I'm currently writing tutorials for Mac, iPhone, iPad, Apple Watch, AirPods, and other Apple devices.
