It’s well known that macOS and Windows are two different operating systems, and that trying to run Windows files on macOS, or vice versa, normally results only in errors.
However, Trend Micro research suggests that hackers have found a new way to infect macOS systems with the help of a Windows “.EXE” file.
The antivirus provider discovered this while trying to download and install software from a torrent website. The torrent described the file as Little Snitch, a firewall application for macOS.
However, the downloaded “DMG” file included a Windows “.EXE” file responsible for pushing a malicious payload.
The researchers write that the routine is designed to bypass Gatekeeper, a built-in macOS security feature that performs a signature check and verification on macOS-supported files.
Since macOS does not expect an “.EXE” file to execute on the system, such files don’t undergo the same security check.
According to the researchers, running the Windows file on macOS was made possible by an open-source framework called Mono. It’s mostly a way to run Windows executable files on different platforms such as macOS, Android, and more.
“Cybercriminals are still studying the development and opportunities from this malware bundled in apps and available in torrent sites,” Trend Micro researchers Don Ladores and Luis Magisa wrote.
“Users should avoid or refrain from downloading files, programs, and software from unverified sources and websites.”
It is worth noting that the same executable file didn’t work on a Windows PC.
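Because the bundled “.EXE” escapes Gatekeeper's checks, a defender can look for Windows executables inside a mounted DMG or app bundle by file content rather than by extension. The sketch below is an added example, not code from Trend Micro or from the article; it also marks files carrying a .NET (CLR) header, the kind of executable Mono loads. The function names, file names and sample bytes are all constructed for illustration.

```python
import struct
import tempfile
from pathlib import Path

CLR_SLOT = 14  # data-directory index of the .NET (CLR) runtime header

def classify_pe(data):
    """Return None for non-PE data, else 'pe-dotnet' or 'pe-native'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 24  # skip the "PE\0\0" signature and 20-byte COFF header
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0" or opt + 2 > len(data):
        return None
    (magic,) = struct.unpack_from("<H", data, opt)
    dirs = {0x10B: 96, 0x20B: 112}.get(magic)  # PE32 / PE32+ directory offset
    if dirs is None or opt + dirs + (CLR_SLOT + 1) * 8 > len(data):
        return "pe-native"
    (count,) = struct.unpack_from("<I", data, opt + dirs - 4)
    rva, size = struct.unpack_from("<II", data, opt + dirs + CLR_SLOT * 8)
    return "pe-dotnet" if count > CLR_SLOT and rva and size else "pe-native"

def scan_tree(root):
    """Walk a mounted DMG or .app bundle; report PE files by content, not name."""
    hits = []
    for path in Path(root).rglob("*"):
        if path.is_file():
            with path.open("rb") as fh:
                kind = classify_pe(fh.read(4096))
            if kind:
                hits.append((path.relative_to(root).as_posix(), kind))
    return sorted(hits)

def make_sample_pe(dotnet):  # constructed minimal PE32 header, not a working EXE
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(struct.pack("<H", 0x10B) + bytes(222))
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    if dotnet:
        struct.pack_into("<II", opt, 96 + CLR_SLOT * 8, 0x2008, 0x48)
    return dos + b"PE\0\0" + coff + bytes(opt)

def demo():  # scan constructed files (names are made up) in a temp directory
    files = {"installer.exe": make_sample_pe(True), "helper": make_sample_pe(False),
             "icon.icns": b"icns" + bytes(60)}
    with tempfile.TemporaryDirectory() as root:
        for name, blob in files.items():
            Path(root, name).write_bytes(blob)
        return scan_tree(root)
```

Point `scan_tree` at the mount point of an attached DMG before running anything from it; any hit in software advertised as a native macOS application deserves a closer look.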