Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
Read more
- Hacking Tools Windows 10
- Hacker Tools For Windows
- Pentest Tools Port Scanner
- Hack Tools For Pc
- Pentest Tools For Ubuntu
- Hacking Tools Software
- Pentest Tools Website Vulnerability
- Hacker Tools 2019
- Pentest Tools Free
- Nsa Hack Tools Download
- Hacking Tools Github
- Pentest Reporting Tools
- Hack Tools Github
- Hacking Tools For Windows
- Pentest Tools Framework
- What Is Hacking Tools
- Hacking Tools Kit
- Nsa Hack Tools Download
- Hacking Tools Kit
- Hacker Tools 2019
- Hacker Tools Linux
- Hacker Tools Apk
- Pentest Tools Open Source
- Beginner Hacker Tools
- Hacking Tools Windows 10
- Pentest Tools Free
- Pentest Tools Framework
- Hacking Tools Kit
- Hacker Tools Free
- Hack Tools Download
- Hacking Apps
- Hack Tools Pc
- Pentest Tools Bluekeep
- Pentest Tools Open Source
- Hack Rom Tools
- Pentest Tools List
- Pentest Tools Nmap
- Hacker Tools Apk
- Hacking Tools For Windows Free Download
- Hack Tools For Pc
- Hacking Tools 2020
- Hacker Tool Kit
- Hack Tools For Windows
- Hacker Tools Apk
- How To Install Pentest Tools In Ubuntu
- New Hacker Tools
- Hack Apps
- Hacking Tools Windows 10
- Pentest Tools Review
- Wifi Hacker Tools For Windows
- Hack App
- Github Hacking Tools
- Hack Tools For Pc
- Hacking Tools Kit
- Hacking Tools Windows 10
- Best Hacking Tools 2020
- Pentest Box Tools Download
- Pentest Tools For Android
- Hacker Tools Free
- Hacker Tools Free
- Pentest Tools Open Source
- Pentest Tools Website Vulnerability
- Pentest Automation Tools
- Hacker Tools For Ios
- Hacker Techniques Tools And Incident Handling
- Hack Tools For Games
- Hacks And Tools
- Hacking Tools
- Hack Website Online Tool
- Hacking Tools Windows 10
- Hacking Tools Usb
- Hacking Tools For Games
- Pentest Automation Tools
- Hack Tools For Mac
- Hack Tools For Mac
- Easy Hack Tools
No comments:
Post a Comment