Securepdf viewer.app

Malware Profile Updated 3 months ago
SecurePDF Viewer.app is a malicious software (malware) that has been found to exploit and potentially damage computer systems, particularly those running on macOS 12.6 (Monterey) or later versions. It infiltrates the system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can perform harmful activities such as stealing personal information, disrupting operations, or holding data hostage for ransom.

The malware comes with the bundle identifier com.softwaredev.swift-ui-test, indicating its deceptive appearance as a legitimate application. The SecurePDF Viewer.app was initially distributed under the name "InternalPDF Viewer". However, in June, researchers identified a variant of this malware named SecurePDF Viewer.app. This variant was signed and notarized by Apple, providing it with an additional layer of perceived legitimacy. The developer associated with the application is "BBQ BAZAAR PRIVATE LIMITED (7L2UQTVP6F)". Apple has since revoked the notarization, acknowledging the malicious nature of the app.

Our research further suggests that the SecurePDF Viewer.app might be a subsequent stage of another malware known as ObjCShellz. This indicates a possible evolution or advancement in the malicious software's capabilities and tactics. Users are advised to exercise caution when downloading applications and to regularly update their security software to protect against such threats.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
| --- | --- | --- |
| Objcshellz | 1 | ObjCShellz is a lightweight but advanced malware written in Objective-C, identified by researchers from Jamf Threat Labs in November 2023. This malicious software is designed to infiltrate macOS systems and enable remote execution of commands by attackers. It is characterized by its advanced obfusca |
| Internalpdf Viewer | 1 | None |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Macos
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Swiftloader Securepdf viewer.app | Unspecified | 1 | None |
Source Document References
Information about the Securepdf viewer.app Malware was read from the documents corpus below.
| Source | Created At | Title |
| --- | --- | --- |
| CERT-EU | 8 months ago | DPRK Crypto Theft \| macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads |