Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
Related news
- Github Hacking Tools
- Kik Hack Tools
- Hacker Tools List
- Pentest Tools Port Scanner
- Hacking Tools Usb
- Hacking Tools Free Download
- Growth Hacker Tools
- Github Hacking Tools
- Hacker Tools Online
- Pentest Tools Website
- Hacking Apps
- Hacking Tools Kit
- Hacking Tools Windows 10
- What Is Hacking Tools
- Hacking Tools Windows
- Pentest Tools Linux
- Hacker Tools 2019
- Hacker Tools Linux
- Hacking Tools For Beginners
- Pentest Tools Framework
- Game Hacking
- What Is Hacking Tools
- Hacking Tools Kit
- Hack Tools Online
- Computer Hacker
- Hack Tools For Games
- Hack Tools For Mac
- Nsa Hacker Tools
- Hacker Tool Kit
- Pentest Tools Bluekeep
- Hacking Tools Usb
- Hack Tools Download
- Hack Tools Mac
- Hacker Tools Hardware
- Hack And Tools
- Pentest Tools List
- Hacking Tools Github
- Growth Hacker Tools
- Pentest Tools
- Hacker Tools Free Download
- Underground Hacker Sites
- Tools Used For Hacking
- Pentest Tools Find Subdomains
- How To Install Pentest Tools In Ubuntu
- Termux Hacking Tools 2019
- Hak5 Tools
- Hacking Tools For Mac
- Hacker
- Pentest Tools Linux
- Pentest Tools Nmap
- What Is Hacking Tools
- What Is Hacking Tools
- Hacking Tools Hardware
- Hacking Tools And Software
- How To Hack
- Android Hack Tools Github
- Hacking Tools For Mac
- Tools For Hacker
- Pentest Tools Linux
- Hacker Tools Online
- New Hack Tools
- Hacking Tools Pc
- Best Hacking Tools 2019
- Hacking Tools Pc
- New Hack Tools
- Pentest Tools Alternative
- Wifi Hacker Tools For Windows
- How To Make Hacking Tools
- Hacking Tools Download
- Hacking Tools For Games
- Blackhat Hacker Tools
- Hacker Tools Apk Download
- Pentest Automation Tools
- Install Pentest Tools Ubuntu
- Best Hacking Tools 2019
- Hacking Tools Download
- Hacks And Tools
- Hacker Tools Online
- New Hack Tools
- Hacking Tools For Beginners
.jpg)
No comments:
Post a Comment