Page 2 - Cyber Byte August 2023

CYBER GEEKS NEWS




A) New Realst macOS malware duping through fake blockchain games

A new Mac malware named “Realst” is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. The malware, first discovered by security researcher iamdeadlyz, is distributed to both Windows and macOS users in the form of fake blockchain games using names such as Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, Olymp of Reptiles, and SaintLegend.

These games are promoted on social media, with the threat actors using direct messages to share access codes required to download the fake game client from associated websites. Access codes allow the threat actors to vet those they wish to target and avoid security researchers who want to reveal malicious behaviour.

In reality, the game installers infect devices with information-stealing malware, such as RedLine Stealer on Windows and Realst on macOS. This type of malware steals data from the victim’s web browsers and cryptocurrency wallet apps and sends it back to the threat actors.

SentinelOne analysed 59 Mach-O samples of the Realst malware found by iamdeadlyz, focusing on its macOS versions, and found several distinct differences. This allowed the researchers to identify 16 variants of the macOS malware, a sign of active and rapid development.

The Realst Mac malware

When downloading the fake game from the threat actor’s site, victims are offered either Windows or macOS malware, depending on their OS. The Windows malware is typically RedLine Stealer, but sometimes other malware such as Raccoon Stealer and AsyncRAT.

For Mac users, the sites distribute the Realst info-stealing malware, which targets Mac devices as PKG installers or DMG disk files containing the malicious Mach-O files but no real games or other decoy software. The “game.py” file is a cross-platform Firefox infostealer and “installer.py”


COMN. & IT DIRECTORATE, CRPF | Design By: Ajay Tomar