Wednesday, April 30, 2025
HomeMalwareHackers Launching Unique Windows and MacOS Malware via Fake WhatsApp Official Website

Hackers Launching Unique Windows and MacOS Malware via Fake WhatsApp Official Website

Published on

SIEM as a Service

Follow Us on Google News

Researchers discovered a new malware that infect MacOS via malicious website by disguised as WhatsApp official website where it also drops a malware for Windows Operating system.

Attackers are targeting both Windows and MacOS operating system to injecting a backdoor that helps to execute malicious code from a remote server.

Backdoor named as Mac.BackDoor.Siggen.20 gets on victims’ devices via websites controlled by its developers, and it drops Malicious code that executes in victims machine written in python.

- Advertisement - Google News

There is two malicious domain identified, in which, One of the resources is disguised as a personal website another one is posed as the WhatsApp messenger official website.

Backdoor Infection Process

Initially, when users opening the malicious sites, an embedded code that deployed within the website detects the operating system whether its Windows platform or MacOS to uploads either the backdoor.

According to Dr, Web Research, If a visitor uses macOS, their device gets infected with Mac.BackDoor.Siggen.20, and BackDoor.Wirenet.517 is downloaded on Windows devices.

Later, Attackers using well-known Remote access Trojan to control the victim’s computer remotely and also perform various malicious operation including to hijack camera and microphone on the victim’s device.

Researchers identified that the RAT signed with a valid digital certificate and the attacker not using this attack for large scale operation.

“According to our information, the website spreading the backdoor under the cover of the WhatsApp messenger, was visited by about 300 visitors with unique IP addresses”. Dr, Web Said.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Advanced Retefe Banking Malware Attack on Windows and Mac Users via Weaponized Word Documents

Miner Malware Uses Multiple Propagation Methods to Infect Windows Machines and to Drop Monero Miner

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Trellix Launches Phishing Simulator to Help Organizations Detect and Prevent Attacks

Trellix, a leader in cybersecurity solutions, has unveiled its latest innovation, the Trellix Phishing...

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...

Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

New WordPress Malware Disguised as Anti-Malware Plugin Takes Full Control of Websites

The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that...

Konni APT Deploys Multi-Stage Malware in Targeted Organizational Attacks

A sophisticated multi-stage malware campaign, potentially orchestrated by the North Korean Konni Advanced Persistent...

Outlaw Cybergang Launches Global Attacks on Linux Environments with New Malware

The Outlaw cybergang, also known as “Dota,” has intensified its global assault on Linux...