Old Mac malware gets more dangerous in new avatar, warns Microsoft


New Delhi, Feb 3 (IANS): A Mac malware has become smarter and more dangerous, and is now able to bypass Apple Gatekeeper controls which are designed to ensure only trusted apps run on Mac devices, Microsoft has revealed.

The Mac trojan can leverage existing user permissions to quietly perform malicious activities before deleting the evidence to cover its tracks.

"UpdateAgent also misuses public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its additional payloads," said the Microsoft 365 Defender Threat Intelligence Team.

Amazon Web Services (AWS) has taken down the malicious URLs.

Since its first appearance in September 2020, the malware has shown increasingly sophisticated capabilities.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," Microsoft said in a statement on Wednesday.

Once adware is installed, it uses ad injection software and techniques to intercept a device's online communications and redirect users' traffic through the adware operators' servers, injecting advertisements and promotions into webpages and search results.

"It is capable of opening a backdoor to download and install other adware and payloads in addition to harvesting system information that is sent to the attackers' C2 servers," said Microsoft.

Considering both UpdateAgent and Adload have the ability to install additional payloads, attackers can leverage either or both of these vectors to potentially deliver more dangerous threats to target systems in future campaigns, it warned.

 

  
