Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
Related word
- Hacking Tools Usb
- Nsa Hacker Tools
- Best Pentesting Tools 2018
- Hacking Tools Online
- Hacking Tools Usb
- Hacker Search Tools
- Hack Tools Mac
- World No 1 Hacker Software
- Hacker Tools Free Download
- Hacking Tools Windows
- Top Pentest Tools
- Growth Hacker Tools
- Wifi Hacker Tools For Windows
- Hacking Tools Windows
- What Is Hacking Tools
- Pentest Tools Framework
- Hacker
- Hacker Tools Software
- Bluetooth Hacking Tools Kali
- Hacker Tools Free
- Hacking Tools For Windows 7
- Hacker Tools Online
- Hack Tools Mac
- Hacker Tools For Pc
- Hack Tool Apk No Root
- Hack Tools For Mac
- Pentest Tools Nmap
- How To Install Pentest Tools In Ubuntu
- Github Hacking Tools
- Hacking Tools Mac
- Pentest Tools Bluekeep
- Nsa Hacker Tools
- Tools For Hacker
- Hack Tools For Mac
- Tools 4 Hack
- Pentest Tools For Windows
- Hacker Tools
- Termux Hacking Tools 2019
- Best Hacking Tools 2019
- Pentest Reporting Tools
- Hacking Tools Online
- Hacking Tools For Beginners
- Hacker Tools Software
- Hacker Tools Apk Download
- Pentest Tools Windows
- Pentest Tools Windows
- Hacker Tools Apk Download
- Pentest Tools Bluekeep
- Hacking Tools Github
- Hacking Tools For Mac
- Pentest Tools Alternative
- Hack Rom Tools
- Ethical Hacker Tools
- Pentest Tools Apk
- Nsa Hack Tools
- Hacker Hardware Tools
- Hacker Tools Hardware
- Growth Hacker Tools
- Growth Hacker Tools
- Growth Hacker Tools
- What Is Hacking Tools
- Computer Hacker
- How To Hack
- Android Hack Tools Github
- Easy Hack Tools
- Hacking Tools For Windows
- Hacker Tools 2020
- Hack Apps
- Hack Tools
- Pentest Tools Nmap
- Hacking Apps
- Hack Tools Mac
- Hacking Tools Free Download
- Pentest Tools Open Source
- Pentest Tools Alternative
- Hack Tools
- Pentest Tools Website
- Hacking Tools Github
- Hacking Tools Free Download
No comments:
Post a Comment