
XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems



Cybersecurity researchers on Wednesday disclosed details of an evolving malware that has now been upgraded to steal sensitive information from Apple’s macOS operating system.

The malware, dubbed “XLoader,” is a successor to another well-known Windows-based info stealer called Formbook that’s known to vacuum credentials from various web browsers, collect screenshots, log keystrokes, and download and execute files from attacker-controlled domains.


“For as low as $49 on the Darknet, hackers can buy licenses for the new malware, enabling capabilities to harvest log-in credentials, collect screenshots, log keystrokes, and execute malicious files,” cybersecurity firm Check Point said in a report shared with The Hacker News.

Distributed via spoofed emails containing malicious Microsoft Office documents, XLoader is estimated to have infected victims across 69 countries between December 1, 2020, and June 1, 2021, with 53% of the infections reported in the U.S. alone, followed by China’s special administrative regions (SAR), Mexico, Germany, and France.

While the very first Formbook samples were detected in the wild in January 2016, the sale of the malware on underground forums stopped in October 2017, only to be resurrected more than two years later in the form of XLoader in February 2020. In October 2020, the latter was advertised for sale on the same forum which was used for selling Formbook, Check Point said. Both Formbook and its XLoader derivative are said to share the same codebase.


According to statistics released by Check Point earlier this January, Formbook was third among the most prevalent malware families in December 2020, impacting 4% of organizations worldwide. It’s worth noting that the newly discovered XLoader malware for PC and Mac is not the same as XLoader for Android, which was first detected in April 2019.


“[XLoader] is far more mature and sophisticated than its predecessors, supporting different operating systems, specifically macOS computers,” said Yaniv Balmas, head of cyber research at Check Point. “Historically, macOS malware hasn’t been that common. They usually fall into the category of ‘spyware’, not causing too much damage.”

“While there might be a gap between Windows and MacOS malware, the gap is slowly closing over time. The truth is that macOS malware is becoming bigger and more dangerous,” Balmas noted, adding the findings “are a perfect example and confirm this growing trend.”




