Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
More information
- Hacking Tools For Pc
- Hacker Tools Online
- Tools For Hacker
- Tools For Hacker
- Hack Tool Apk No Root
- Hacker Tools 2019
- Hacker Tools Apk
- Pentest Tools Free
- Nsa Hacker Tools
- Nsa Hack Tools
- Blackhat Hacker Tools
- Hacker Tools For Mac
- Bluetooth Hacking Tools Kali
- Hacking Tools And Software
- Hacking Tools Pc
- Pentest Tools Tcp Port Scanner
- Hacker Tools For Ios
- Hacking Tools
- Hak5 Tools
- Pentest Tools Linux
- Wifi Hacker Tools For Windows
- Pentest Tools For Ubuntu
- Hacker Tools Hardware
- Pentest Tools Website Vulnerability
- What Is Hacking Tools
- Hacker Search Tools
- Hacker Tools For Mac
- Hacker Tools Linux
- Tools 4 Hack
- Pentest Automation Tools
- Pentest Tools For Ubuntu
- How To Hack
- Hacking Tools For Kali Linux
- New Hack Tools
- Hacker Tools Mac
- Hack Tools For Mac
- Hacker
- Hacker Tools Free
- Black Hat Hacker Tools
- Easy Hack Tools
- Hack Tools 2019
- Usb Pentest Tools
- Hacker Security Tools
- Pentest Tools For Mac
- Pentest Automation Tools
- Pentest Reporting Tools
- Underground Hacker Sites
- Hacks And Tools
- Github Hacking Tools
- Hacking Tools Usb
- Hacking Tools 2019
- Hacker
- Pentest Tools Linux
- Hack And Tools
- Pentest Tools Review
- Pentest Tools Download
- Best Hacking Tools 2020
- Pentest Automation Tools
- New Hack Tools
- Pentest Tools For Ubuntu
- Termux Hacking Tools 2019
- Pentest Automation Tools
- Hacking Tools Online
- Hack Tools
- Tools 4 Hack
- Hacker Security Tools
- Hack Tools
- New Hack Tools
- Hacking Tools Usb
- Hacker Tools Mac
- Pentest Tools Github
- Hacker Security Tools
- Install Pentest Tools Ubuntu
- Hacking Tools Kit
- Bluetooth Hacking Tools Kali
- Hackrf Tools
- Hack Tools For Mac
- Hacking Tools Software
- Hack Tools Online
- Hack Tools 2019
- Hacker Tools Apk Download
- Hacker Tools Linux
- Hack Website Online Tool
- Pentest Tools For Windows
- Ethical Hacker Tools
- Tools Used For Hacking
- Hacker Search Tools
- Hacker Tools For Mac
- Pentest Tools Website Vulnerability
- Pentest Reporting Tools
- Physical Pentest Tools
- Hacking Tools For Windows 7
- Growth Hacker Tools
- Hacking Tools 2019
- Hacking Apps
- Nsa Hack Tools
- Hacker Tools 2020
- Hacks And Tools
- Hacker Security Tools
- Hack Tools 2019
- Hacker Tools Software
- Easy Hack Tools
- Hacker Tools Apk Download
- How To Install Pentest Tools In Ubuntu
- Hacker Hardware Tools
- Install Pentest Tools Ubuntu
- Pentest Tools Kali Linux
- Hacker Hardware Tools
- Hacks And Tools
- Hacker Tools For Pc
- Hacking Tools For Beginners
- Hacker Tools For Windows
- Pentest Tools Nmap
- Hack Tools Pc
- Pentest Reporting Tools
- Tools 4 Hack
- Pentest Box Tools Download
- Pentest Automation Tools
- World No 1 Hacker Software
- Pentest Tools Apk
- Hacking Tools For Windows Free Download
- Hacking Tools For Beginners
- Pentest Tools For Ubuntu
- Top Pentest Tools
- Nsa Hack Tools
- Pentest Tools Url Fuzzer
- Pentest Tools Website Vulnerability
- Pentest Tools Apk
- Hacker Tools For Pc
- Hack Tools 2019
- Pentest Tools Github
- Hacker Techniques Tools And Incident Handling
- Hacking Tools For Mac
- Pentest Tools Framework
- Physical Pentest Tools
- Pentest Tools Website
- Hacker Tools For Windows
- Pentest Tools
- Hacker Tools Free Download
- Hacking Tools Pc
- Hack Tools For Games
- Bluetooth Hacking Tools Kali
- Pentest Tools For Windows
- Pentest Tools Website Vulnerability
- Pentest Tools Find Subdomains
- Underground Hacker Sites
- Hacks And Tools
- Usb Pentest Tools
- Hacking Tools 2020
- Hack Apps
- Best Hacking Tools 2020
- Pentest Tools For Windows
- Hack Tools 2019
- Pentest Reporting Tools
- Pentest Tools Framework
- Hacking Tools Mac
- Hacking Tools Software
- Hacking Tools Free Download
- Pentest Tools Nmap
- Hacker Tools Linux
- Tools For Hacker
- Pentest Tools Subdomain
- Hacking Tools For Windows Free Download
- Hacker Tools Apk
- Hacking Tools 2019
- Hackers Toolbox
- Pentest Tools Free
- Pentest Tools Website
No comments:
Post a Comment