Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
More info
- New Hacker Tools
- Pentest Tools Github
- Hacking Tools Online
- Hacker Tools 2019
- Bluetooth Hacking Tools Kali
- Hacker Search Tools
- Top Pentest Tools
- Hacks And Tools
- Hacking Tools Windows 10
- Hacker Tools Hardware
- Pentest Tools Github
- Hacker Tools For Pc
- Pentest Tools Android
- Hacking Tools Pc
- Hack Website Online Tool
- Hacker Tools Free Download
- Hacking Tools For Beginners
- Top Pentest Tools
- Bluetooth Hacking Tools Kali
- Hacking Tools For Kali Linux
- Hacker Tools
- Pentest Tools Linux
- Underground Hacker Sites
- Hack Tools For Mac
- Pentest Tools Review
- What Are Hacking Tools
- New Hacker Tools
- Pentest Tools Review
- Hack Tools Github
- Hacking Tools Hardware
- Hacking Tools 2020
- Hacker Tools Github
- Hacking Tools Online
- Pentest Tools Kali Linux
- Hack Tools For Mac
- Hacking Tools For Windows Free Download
- Usb Pentest Tools
- Pentest Tools Linux
- Blackhat Hacker Tools
- Hack Tools Download
- Hacks And Tools
- Free Pentest Tools For Windows
- Pentest Tools Free
- Hack Tools Mac
- Pentest Tools Online
- Tools 4 Hack
- Pentest Tools For Mac
- Hack Tools
- New Hack Tools
- Pentest Tools
- Pentest Reporting Tools
- Hacking Apps
- Blackhat Hacker Tools
- Pentest Tools Find Subdomains
- New Hack Tools
- Hacking Tools For Windows Free Download
- Pentest Tools Online
- Hacking Tools For Mac
- Hacker
- Hacker Tools For Mac
- Android Hack Tools Github
- Pentest Tools Download
- How To Install Pentest Tools In Ubuntu
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Subdomain
- Pentest Tools Online
- Easy Hack Tools
- Hacking Tools For Mac
- Hacker Tools For Windows
- Hacker Search Tools
- Pentest Tools Subdomain
- Pentest Tools Github
- What Are Hacking Tools
- Pentest Tools Online
- Hacker Tools Windows
- Pentest Tools
- Pentest Tools
- Hacker Tools 2019
0 comments:
Post a Comment