{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/osx.dummy/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OSX.Dummy"],"_cs_severities":["medium"],"_cs_tags":["malware","cryptocurrency","macos"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eObjective-See reported on a new piece of macOS malware dubbed OSX.Dummy targeting the cryptocurrency community. The report details how their tools can generically thwart this threat at various stages of execution. While specific technical details of the malware\u0026rsquo;s operation and delivery are not provided, the report highlights its existence and potential impact on cryptocurrency users. Defenders should be aware of this emerging threat and consider implementing generic detections to catch this and similar malware families. The original report was published in June 2018.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eInitial Access: The report does not specify the initial access vector.\u003c/li\u003e\n\u003cli\u003eExecution: The report does not specify how the malware executes.\u003c/li\u003e\n\u003cli\u003ePersistence: The report does not specify the persistence mechanisms.\u003c/li\u003e\n\u003cli\u003eDefense Evasion: The report does not specify defense evasion techniques.\u003c/li\u003e\n\u003cli\u003eCredential Access: The report does not specify credential access techniques.\u003c/li\u003e\n\u003cli\u003eDiscovery: The report does not specify discovery techniques.\u003c/li\u003e\n\u003cli\u003eCollection: The report does not specify data collection techniques.\u003c/li\u003e\n\u003cli\u003eImpact: Cryptocurrency theft from infected macOS systems.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe primary impact of OSX.Dummy is likely the theft of cryptocurrency from infected macOS systems. The specific number of victims and the extent of the damage are not specified in the provided source. Successful infection could result in significant financial loss for affected individuals within the cryptocurrency community.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigate common macOS malware persistence locations for unusual files or processes.\u003c/li\u003e\n\u003cli\u003eMonitor network connections for unusual outbound traffic, which could indicate communication with a C2 server.\u003c/li\u003e\n\u003cli\u003eDeploy behavioral detection rules focusing on suspicious process execution patterns on macOS.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-07T07:33:40Z","date_published":"2026-05-07T07:33:40Z","id":"/briefs/2024-01-03-osx-dummy/","summary":"OSX.Dummy is a new macOS malware targeting the cryptocurrency community, as reported by Objective-See.","title":"OSX.Dummy Malware Targeting Cryptocurrency Community","url":"https://feed.craftedsignal.io/briefs/2024-01-03-osx-dummy/"}],"language":"en","title":"CraftedSignal Threat Feed — OSX.Dummy","version":"https://jsonfeed.org/version/1.1"}