by melomac
210 days ago
The FileZilla author was caught red-handed, shipping the app with the IronCore adware downloader, aka installCore from ironSource: https://www.sentinelone.com/blog/osx-ironcore-a-or-what-we-k... As IronCore evolved, it eventually got packed — `+[obj load]` executed prior to entry point — and provided a JavaScript-to-Objective-C bridge. JS payloads were remotely downloaded and AES-encrypted... While offers were the usual suspects back then (Advanced Mac Cleaner, MacKeeper, and a customized Chromium app), the technique could be abused in a couple of ways so as to spy on specific targets. Anyhow, I don't know what you do with FZ, I am very much into rsync (OSS) and Transmit app (Panic).