Home Technology Scary ‘malware-as-a-service’ Mac attack discovered

Scary ‘malware-as-a-service’ Mac attack discovered


Another day, and it’s time for another Apple security scare: malware that can harvest keystrokes and log-ins and is available on the Darknet for only $49.

Malware-as-a-service for Mac attacks

Check Point Software’s research team claims to have identified the hack, which it is calling XLoader. Enterprise security specialists managing Macs and Apple devices (of which there are many) need to be aware of the new attack, as we’re told it can:

  • Harvest logins from browsers.
  • Collect screen shots.
  • Log Keystrokes.
  • Download and execute malicious files.

The hack is being sold as a kind of “malware-as-a-service” for around $49 on Darknet, the researchers said. Hackers in 69 nations have requested it, and 53% of those to have fallen victim to it are based in the US.

The attack vector’s simple: Victims are tricked into downloading the malware using maliciously crafted Word documents.

Showing a little Formbook

XLoader is derived from an existing Windows malware called Formbook, which is the fourth-most prevalent malware family. Formbook has seen use in broad spam campaigns aimed at larger global organizations. (Somewhat confusingly, there’s also an Android malware called XLoader, which isn’t the same thing.)

“Historically, MacOS malware hasn’t been that common,” said Yaniv Balmas, head of cyber research at Check Point Software in a statement. “They usually fall into the category of ‘spyware,’ not causing too much damage. I think there is a common incorrect belief with MacOS users that Apple platforms are more secure than other more widely used platforms. While there might be a gap between Windows and MacOS malware, the gap is slowly closing over time. The truth is that MacOS malware is becoming bigger and more dangerous.”

See also  The Dish ‘fix’ for the T-Mobile-Sprint merger seems more shortsighted than ever

Copyright © 2021 IDG Communications, Inc.



Join Our Whatsapp group. Yawpsarena.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here