Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
More information
- Hacker Tools Free
- Pentest Reporting Tools
- Hack App
- Pentest Tools Online
- Hacking Tools Mac
- Tools For Hacker
- Hacker Tools Mac
- Pentest Tools Apk
- What Is Hacking Tools
- Hack Rom Tools
- Black Hat Hacker Tools
- Pentest Tools
- Hack Tools Online
- Hacker Tools For Mac
- Pentest Tools Online
- Hacking Tools 2020
- Hacker Tools Free
- Hacker Tools Apk Download
- Best Hacking Tools 2020
- Black Hat Hacker Tools
- Hacking Tools Kit
- Hacking Tools For Games
- Nsa Hack Tools Download
- Best Hacking Tools 2019
- Hacker Tools Software
- Hacking Tools For Beginners
- Hack Tools For Pc
- Pentest Tools Android
- Pentest Tools Review
- Pentest Tools Apk
- Hack Rom Tools
- Hacking Tools Github
- Hacker Tools Github
- Top Pentest Tools
- Hacking Tools Name
- Hack Tool Apk
- Hacker Tools Mac
- Nsa Hacker Tools
- Pentest Tools Kali Linux
- Pentest Tools Kali Linux
- How To Make Hacking Tools
- Hack Website Online Tool
- Hacker Tools Free Download
- Hacking Tools Hardware
- Hacking Apps
- Hacker Hardware Tools
- Ethical Hacker Tools
- Hack And Tools
- How To Hack
- Hacking App
- Pentest Tools Subdomain
- Beginner Hacker Tools
- Hacker Security Tools
- Install Pentest Tools Ubuntu
- Hack Tools Pc
- Hacking Tools Software
- Hacking Tools For Pc
- Bluetooth Hacking Tools Kali
- Pentest Tools List
- Hacking Tools For Windows 7
- World No 1 Hacker Software
- Wifi Hacker Tools For Windows
- Pentest Tools For Mac
- Hack And Tools
- How To Make Hacking Tools
- Free Pentest Tools For Windows
- Hacker Tools Linux
- Pentest Tools Website
- Pentest Tools Website Vulnerability
- Hacking Tools Mac
- Hacker Tools Github
- Tools Used For Hacking
- Pentest Tools Online
- Hacker Techniques Tools And Incident Handling
- Hacker Tools For Ios
- Hacker Tools Free Download
- Hacker Tools Apk Download
- Pentest Automation Tools
- Hack Tools Pc
- Hacker Tools Hardware
No comments:
Post a Comment