From e6fa06f178ac98425fd2b1c332f58fcdeb486400 Mon Sep 17 00:00:00 2001 From: Deborah Servili Date: Tue, 18 Dec 2018 16:26:49 +0100 Subject: [PATCH] add OSX malwares --- clusters/tool.json | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/clusters/tool.json b/clusters/tool.json index 97c0988..f4ff3f5 100644 --- a/clusters/tool.json +++ b/clusters/tool.json @@ -7477,7 +7477,38 @@ }, "uuid": "48753e22-6c22-409c-b274-68f822c7ef57", "value": "SpicyOmelette" + }, + { + "description": "When LamePyre runs on the system, users see the generic Automator icon in the menu bar, which is typical for any script of this sort.\nThe script decodes a payload written in Python and runs it on the victim host. It then starts to take pictures and upload them to the attacker's command and control (C2) server.", + "meta": { + "refs": [ + "https://www.bleepingcomputer.com/news/security/new-lamepyre-macos-malware-sends-screenshots-to-attacker/" + ], + "synonyms": [ + "OSX.LamePyre" + ] + }, + "uuid": "ca044d42-000e-4366-ace9-e536f8c57440", + "value": "LamePyre" + }, + { + "meta": { + "refs": [ + "https://www.bleepingcomputer.com/news/security/new-lamepyre-macos-malware-sends-screenshots-to-attacker/" + ] + }, + "uuid": "34688253-fea5-4770-bf96-55f45077c347", + "value": "DarthMiner" + }, + { + "meta": { + "refs": [ + "https://www.bleepingcomputer.com/news/security/new-lamepyre-macos-malware-sends-screenshots-to-attacker/" + ] + }, + "uuid": "0147c0fd-ed74-4d38-a823-130542d894a3", + "value": "OSX.BadWord" } ], - "version": 106 + "version": 107 }