Although Apple's official programs are always safe, those that do not belong to the company, no, and that is why MacOS warns us When we try to install something that does not belong natively to the MACs, trying to be careful.
This is what has happened with a famous program that many people used in their computers, and which we will have to get rid of at this time if we do not want to take risks, and much less install it now that we know what it contains inside.
Malware disguises PDF tool
The MOSYLE security company has discovered a new malware that affects Mac and that makes users deceive using a tool that converts files into PDF format (something quite typical). This malicious software, called JSCORERUNNERit is distributed through a website called Fileripple.comwhich has always seen, it appears to be a normal and reliable place to convert documents or images, but in reality it downloads an infected package. The worrying thing is that, at the time it has been discovered, no antivirus was able to detect it, which makes it even more a threat.
The attack works in two phases. In the first, a file called Fileipple.pkgwhich pretends to be a PDF conversion application as any other, but that executes hidden code in the background. Although this installer was signed and seemed legitimate, Apple revoked its certificate and now Macos blocks it by default (giving us clues that it can be bad). The second phase is based on a different package, Safari14.1.2Mojaveauto.pkgwhich is not signed and, therefore, can avoid some of Gatekeopeper's defenses, which makes it especially dangerous.
The main objective is Manipulate Google Chromemodifies the browser settings to force a fraudulent search engine and, from there, you can record key pulsations, redirect the user to phishing pages or show altered search results to steal personal data or even money. In addition, it deactivates browser warnings so as not to raise suspicions.
That is why we have to have two clear things. The first is that if we use Mac, it is best to be faithful to the native apps. In this case using Safari we would not have the same problem, since the Chrome infected virus. And the second is that whenever we can, let's use online tools, since except for well -known brands, we run the risk that small businesses that are not so much, put this type of malwares to infect and steal data, so we do want to turn something into PDF, it is best to use the options that macOS offers us, or do it on online websites, without executing anything in the equipment.
And you, have you installed this tool that was fashionable during the last weeks? If so, you know what you have to do, because your data could be compromised. In case of not having done it and being thinking about it, you already know what tool, at least, you should not install. Leave us a comment if it happened to you and if they have been able to steal something, or not.
