Here is a list of new strains of malware going around in Mac world:
OSX/Filecoder
This file-encrypting ransomware program is found on BitTorrent websites, masquerading as an Adobe Premiere CC or Office 2016 patcher. If you get infected, it encrypts your files permanently — even if you pay the “ransom.” You can read more about it here.
OSX/Sofacy.gen
The biggest buzz in Mac malware this month involved a backdoor associated with a group known variously as Sofacy, APT28, and Fancy Bear. If a Mac has previously been infected by Sofacy’s malware known as Komplex, that malware may download and install XAgent as a secondary infection. Read more about it here.
iKitten
A report was published describing Mac malware called MacDownloader or OSX.iKitten.A. The malware was targeted at the United States defense industry, and was distributed through a site that impersonated an aerospace firm.
EmPyre Word Macro
A file recently circulated that contained a Microsoft Word macro which contained the EmPyre malicious code, and become infected with additional malware. Read more about it here.
OSX.Proton.A
A new remote-access Trojan (RAT) called PROTON (OSX.Proton.A) was found on a Russian cybercrime message board. The RAT was reportedly available for other would-be criminals to purchase for their own targeted campaigns, and even offered to add an Apple-approved developer signature to the attacker’s custom RAT software in order to bypass Apple’s Gatekeeper protection on the victim’s Mac.
Thank you Intego for keeping us up to date.