Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
More information
- Pentest Tools Port Scanner
- Hacker Tools Apk
- Hack Tools For Ubuntu
- Hacker Tools Apk Download
- Hacking Tools Windows 10
- Hack And Tools
- Hacking Tools Kit
- How To Install Pentest Tools In Ubuntu
- Hack Tools Download
- Hacking Tools Online
- Hacker Tools Apk Download
- Hacking Tools For Mac
- Github Hacking Tools
- Pentest Tools
- Hack Tools For Pc
- Pentest Tools Kali Linux
- Pentest Tools For Mac
- Kik Hack Tools
- New Hacker Tools
- Pentest Tools Apk
- Nsa Hack Tools Download
- Hacking Tools And Software
- Pentest Tools For Ubuntu
- Hak5 Tools
- Hacking Tools 2019
- Hacking Tools For Windows 7
- Growth Hacker Tools
- Hacker Tools Software
- Hacking Tools For Pc
- Hacker Tools Free
- Pentest Tools Apk
- Pentest Tools Website Vulnerability
- Hacker Tools Mac
- Pentest Tools Review
- Pentest Tools Github
- Hacking Tools Software
- Hacker Tools Mac
- Pentest Automation Tools
- Pentest Tools Windows
- Hacking Apps
- Pentest Tools Apk
- Hacker Tools Github
- How To Make Hacking Tools
- Pentest Tools Review
- Hacking Tools For Pc
- Hack Rom Tools
- Hacker Tools
- Hack Tools For Mac
- Pentest Tools Kali Linux
- Hacker Tool Kit
- Android Hack Tools Github
- Pentest Tools List
- Hacking Tools For Mac
- Hack Tool Apk No Root
- Pentest Tools Website Vulnerability
- Hacking App
- Hack Tools
- Pentest Tools Linux
- Hacking Tools Hardware
- Hack Apps
- Hacking Tools Usb
- Free Pentest Tools For Windows
- Hackers Toolbox
- Game Hacking
- Hacking Tools 2020
- Hacking Apps
- Easy Hack Tools
- Hacker Tools Software
- Hack Tools 2019
- Pentest Tools Subdomain
- Hacking Tools Windows
- Hack Tools Github
- Blackhat Hacker Tools
- Pentest Tools Android
- Hacker Tools 2020
- Hacker Tool Kit
No comments:
Post a Comment