Hackers are selling the Proton malware on underground markets for 40 Bitcoins. The sellers claim that it is undetectable by any antivirus software and can take full control of Mac devices. Dubbed Proton by its developers, the malware is a RAT (Remote Administration Tool) and is being sold on one of the leading closed Russian cybercrime message boards.
Capabilities of Proton RAT:
Proton's advertised capabilities include taking full control of a targeted device, keylogging, Observers with SMS notifications, SSH/VNC tunneling with VPS, webcam/screen surveillance, premium customer support, and file uploads and downloads.
The malware's developer also posted a video on YouTube explaining how the malware works.
Gaining root privileges on macOS is only possible by employing a previously unpatched 0-day vulnerability, which is suspected to be in possession of the author. Proton’s users then perform the necessary action of masquerading the malicious app as a genuine one, including a custom icon and name. The victim is then tricked into downloading and installing Proton.
Written By: Vikas Dwivedi