MacOS users who think they have protected themselves by downloading a particular two-factor authentication application may have actually infected their machines with a new variant of the Dacls remote access trojan.
When Dacls was originally discovered in late 2019, it was known to target Windows and Linux platforms, but now it appears Macs are no longer safe from this threat, according to a new blog post from Malwarebytes, whose researchers uncovered the threat.
The 2FA app that was caught spreading the RAT was first observed on Apr. 8, and has been identified as a trojanized version of MinaOTP, which is used primarily by Chinese speakers. However, there is presumably nothing stopping the adversaries behind Dacls from trojanizing additional apps catering to users who speak any number of languages.
“[The attackers] used a legitimate 2FA App from its official GitHub repository, added their malicious executable and packaged it as a Mac application. The original MinaOTP remains clean, it was simply used as a building block,” the Malwarebytes Threat Intelligence team told SC Media in an interview.
“U ..
Support the originator by clicking the read the rest link below.
