Skip to main content
  1. Home
  2. Blog
  3. Jamf protects against CrateDepression malware
Jamf Blog
June 3, 2022 by Jamf Threat Labs

Jamf protects against CrateDepression malware

Security, Jamf Threat Labs

SentinelOne researchers recently investigated a supply chain attack leveraging a malicious crate named ‘rustdecimal’ in the crates.io Rust community crate repository.

Threat: CrateDepression

Affects: SentinelOne researchers discovered a typosquatting attack imitating the legitimate ‘rust_decimal’ crate used for financial calculations. The attacker's intent is that developers would misspell the legitimate crate name and download the malicious one ‘rustdecimal’ instead. The malware then identifies the victim's platform (macOS or Linux) and downloads the requisite Mythic Poseidon payload - a well-known post-exploitation red-teaming framework.

Such attacks are not uncommon on macOS. Recently the PyMafka malware leveraged a similar typosquatting technique hosting a malicious Python package named ‘pymafka in an attempt to imitate the legitimate ‘pykafka' package repository used by developers.

Prevented by: Jamf Protect threat prevention blocks the execution of this malware.

Malicious URLs (as published by SentinelOne):

Why allow Mac malware like this to make you sad? Turn that admin frown upside-down with Jamf Protect!

Contact Jamf, your preferred reseller today to get started implementing purpose-built macOS security into your infrastructure.

Request Trial
Jamf Threat Labs
Jamf
Jamf Threat Labs is a global team of experienced threat researchers, cybersecurity experts and data scientists with skills that span penetration testing, network monitoring, malware research and app risk assessment. Jamf Threat Labs primarily monitors and explores emerging threats affecting Mac and mobile devices. The team’s research is published with the aim of raising awareness of specific threats while also improving awareness and advocacy of security practices to protect the modern workforce.
Previous Blog Post:
 Prev
 Top reasons to use Apple TV for your digital signage Blog Homepage
 Next Blog Post:
 Next
 How IT can improve security in healthcare organizations
Related Resources
Blog

Announcing Jamf Protect – Jamf’s endpoint security solution purpose-built for Mac

Read More
Video

Introducing: Jamf Protect

Read More
Blog

Jamf Protect receives several awards for excellence in endpoint protection

Read More
Browse Blog
by Category:
Jamf Pro (588) Enterprise (498) Jamf Nation User Conference (323) Security (320) K-12 Education (186) Healthcare (153) Jamf Protect (149) Jamf School (133)
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.