The crypto ecosystem is shaking again after a DeFi attack drained $290 million, while macOS users face a new silent threat: LotL techniques that abuse legitimate system tools. As if that weren't enough, ProxySmart operates SIM card farms to bypass verifications. Three open fronts in cybersecurity demanding immediate attention. 🔥
LotL on macOS: when native tools become weapons 🛡️
Attackers exploit utilities like osascript, curl, and Python, built into macOS, to execute malicious code without raising suspicion. By using legitimate commands, they evade traditional antivirus signatures. The technique allows downloading payloads, establishing persistence, and exfiltrating data using only system resources. Security teams must monitor unusual processes and scripts, not just suspicious files.
ProxySmart's SIM farm: your number, their business 📱
ProxySmart has set up a SIM card breeding ground to verify accounts en masse. Meanwhile, regular users struggle to recover lost access. The irony is that these farms operate with the same technology you use to request your bank code. If you ever wondered why you receive verification SMS you didn't request, now you know: your number is on the rental list.