HiddenLotus

Description

(Malwarebytes) So HiddenLotus didn’t seem all that interesting at first, other than as a new variant of the OceanLotus backdoor first seen being used to attack numerous facets of Chinese infrastructure. OceanLotus was last seen earlier this summer, disguised as a Microsoft Word document and targeting victims in Vietnam.

But there was something strange about HiddenLotus. Unlike past malware, this one didn’t have a hidden .app extension to indicate that it was an application. Instead, it actually had a .pdf extension. Yet the Finder somehow identified it as an application anyway.

Names

Name
HiddenLotus

Type

Backdoor

Information

https://blog.malwarebytes.com/threat-analysis/2017/12/interesting-disguise-employed-by-new-mac-malware/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/osx.hiddenlotus

Other Information

Uuid

4c6d3007-e655-42e9-81a8-c0096d4ee810

Last Card Change

2020-05-13

Threat Intelligence Garden

Explorer

HiddenLotus

HiddenLotus

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks