Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers. The RAT is cross-platform and capable of planting a keylogger on MacOS systems prior to the OS High Sierra and is designed to steal banking credentials.
Coldroot was found by researcher Patrick Wardle, chief research officer at Digita Security, who published a technical write-up on the RAT Saturday. The malware, he said, appears to have been for sale on underground markets since Jan. 1, 2017 and versions of the Coldroot code have also been available on GitHub for nearly two years.
