Powered by Zoomin Software. For more details please contactZoomin

Flowmon ADS BPATTERNS Description

Table of Contents

DNS_Hijack_MacOS - description

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: May 1, 2026
  • 1 minute read
    • Flowmon Products
    • Flowmon Anomaly Detection System
    • Documentation

Source:

Researchers discover new DNS hijacking malware targeting macOS

Security researchers discovered malware targeting Apple Mac computers. This malware resembles the DNSChanger malware detected in 2012. The OSX/MaMi macOS malware modifies DNS server settings on infected computers, forcing all traffic through attacker-controlled servers. The malware also installs a new root certificate authority to intercept encrypted communication. Using this method, attackers can perform man-in-the-middle attacks to steal credentials or inject advertisements or cryptocurrency mining scripts into websites.

Flowmon ADS detects communication to attackers' DNS servers.

Schema:

DNS Hijack detection in Flowmon ADS
DNS Hijack detection in Flowmon ADS

TitleResults for “How to create a CRG?”Also Available inAlert