A cross platform malware affected not only macOS but also Windows and Linux operating systems. Wirenet, a trojan that opens a backdoor on an infected machine, is also able to take screenshots and collect users keystrokes and additional data from the system and send it to attacker’s server.The malware steals user’s data and passwords for different programs such as browsers (Opera, Firefox, and Chrome) and other popular internet applications such as Thunderbird and SeaMonkkey.
The malware installs itself in the folder %home%/WIFIADAPT.app to communicate with its C&C and encrypts the data using AES encryption algorithm.
- The first Trojan in history to steal Linux and Mac OS X passwords
- Wirenet: The Password-Stealing Trojan Lands on Linux and OS X