Mac Users Targeted by Trojanized iTerm2 App Threats Analyst Threats Analyst

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Mac Users Targeted by Trojanized iTerm2 App

We go into more detail about a fake version of the iTerm2 app that downloads and runs malware, detected by Trend Micro as TrojanSpy.Python.ZURU.A, which collects private data from a victim’s machine.

By: Steven Du, Luis Magisa September 30, 2021 Read time:  ( words)

Earlier this month, a user on Chinese question-and-answer website Zhihu reported that a search engine result for the keyword “iTerm2” led to a fake website called item2.net that mimics the legitimate iterm2.com (Figure 1). A fake version of the iTerm2 app, a macOS terminal emulator, can be downloaded from a link found in iterm2.net. When this app is

Read the article