All in Vulnerability

New Mac Trojan Disguised As EXE File

Trend Micro is reporting on a a Trojan that is disguised as a Windows executable. It is built with the Mono framework built into the file, so it can execute the EXE code. Normally Windows executable files will not run on a mac, so some of the built in safeguards are bypassed by this method of delivery, “This routine evades Gatekeeper because EXE is not checked by this software, bypassing the code signature check and verification since the technology only checks native Mac files.”