Computer security researchers at Trend Micro have discovered a new way hackers are trying to run .EXE files, the official executable file format used for Windows, on macOS. During their investigation, these .EXE files were delivering a malicious payload that overrides Mac’s built-in protection mechanisms such as Gatekeeper, with the highest numbers for infections to be in the United Kingdom, Australia, Armenia, Luxembourg, South Africa and the United States. It was found in the installer of a popular firewall app for Mac and Windows called Little Snitch, available for download from various torrent websites.
Photo credit: Christian Colen
“By default, EXE files won’t run on a Mac. The booby-trapped Little Snitch installer worked around this limitation by bundling the EXE file with a free framework known as Mono. Mono allows Windows executables to run on MacOS, Android, and a variety of other operating systems. It also provided the DLL mapping and other support required for the hidden EXE to execute and install the hidden payload. Interestingly, the researchers couldn’t get the same EXE to run on Windows,” reports Ars Technica.
- Purposeful Design: Travel with ease and look great doing it with the Aspire's 3 thin, light design.
- Ready-to-Go Performance: The Aspire 3 is ready-to-go with the latest AMD Ryzen 3 7320U Processor with Radeon Graphics—ideal for the entire family,...
- Visibly Stunning: Experience sharp details and crisp colors on the 15.6" Full HD IPS display with 16:9 aspect ratio and narrow bezels.
Photo credit: Trend Micro
