Digita Security

Cybersecurity solutions for the

  • modern
  • mobile
  • independent
  • innovative
  • enterprising

macOS workforce

2.17.2017 ( Version 2088 )

OSX_Proton_A

OSX/Proton is a persistent Backdoor and Remote Access Trojan (RAT) that exfiltrates user data including passwords and browsing information [1]. A new variant was discovered in a compromised Handbrake installer in 2017 [2].

References:
  1. https://www.cybersixgill.com/proton-a-new-mac-os-rat/
  2. https://objective-see.com/blog/blog_0x1F.html
Sample Hashes (VT links):
013623e5e50449bbdf6943549d8224a122aa6c42bd3300a1bd2b743b01ae6793