Digita Security

Cybersecurity solutions for the

  • modern
  • mobile
  • independent
  • innovative
  • enterprising

macOS workforce

11.30.2017 ( Version 2097 )


Also Known As: OSX.Proton.D, Symantec Malware Detector

Variant/Dropper of the OSX/Proton malware posing as a fictitious 'Symantec Malware Detector' application and being distributed by a fake Symantec blog [1]. OSX/Proton is a persistent Backdoor and Remote Access Trojan (RAT) that exfiltrates user data including passwords and browsing information [2].

  1. https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/
  2. https://www.cybersixgill.com/proton-a-new-mac-os-rat/

Sample Hashes (VT links):