Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
Related articles- Hacking Tools For Mac
- Hacking Tools For Mac
- Black Hat Hacker Tools
- Hack Tools For Windows
- Hacking Tools For Beginners
- Pentest Tools Apk
- Hacker Hardware Tools
- Hack App
- Hacking Tools For Windows
- Hack Tools Mac
- How To Install Pentest Tools In Ubuntu
- Hacking Tools
- Android Hack Tools Github
- Hacker Tools Free
- Hack Tools For Mac
- Hacking Tools 2019
- Black Hat Hacker Tools
- Hacker Tools For Mac
- Hak5 Tools
- Hacker Tools Software
- Pentest Tools Bluekeep
- Github Hacking Tools
- Pentest Tools List
- How To Hack
- Hacker Tools Apk Download
- Hacking Tools Download
- Game Hacking
- Hack Tools
- Pentest Tools Framework
- Hacker Tools For Pc
- Black Hat Hacker Tools
- Pentest Tools Subdomain
- Hacker Tools Linux
- Pentest Tools Download
- Hacker Tools Apk
- Hack Tool Apk
- Hacking Tools Name
- Hackrf Tools
- Easy Hack Tools
- Hack Apps
- Black Hat Hacker Tools
- Install Pentest Tools Ubuntu
- Hacker Tools Online
- Pentest Tools Android
- Pentest Tools Subdomain
- Hacker Tools For Windows
- Hacking Tools Free Download
- Hacker Tools Free Download
- Hacker Tools Github
- Bluetooth Hacking Tools Kali
- Hacks And Tools
- Computer Hacker
- Nsa Hacker Tools
- Pentest Tools Windows
- Pentest Tools For Android
- Hack Tools Online
- Hacking Tools For Mac
- Pentest Tools Website Vulnerability
- Hack Apps
- Pentest Tools For Ubuntu
- Hack Tools For Windows
- Hack Tools For Ubuntu
- Hacking Tools Windows 10
- Pentest Tools Subdomain
- Pentest Automation Tools
- Usb Pentest Tools
- Hack Tools 2019
- Hacking Tools Kit
- Hacker Tools Free
- Wifi Hacker Tools For Windows
- Pentest Tools Url Fuzzer
- Hack Tools Mac
- Hacker Tools Free Download
- Pentest Automation Tools
- Github Hacking Tools
- Hacker Tools Github
- Pentest Tools Bluekeep
- Hacker Tools For Mac
- Pentest Recon Tools
- Hacker Tools Windows
- Hack Tools
- Hacking Tools For Windows 7
- Hacker Tools Hardware
No comments:
Post a Comment