Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."
The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.
"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.
The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.
Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.
In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.
Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.
"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.
More info
- Top Pentest Tools
- Pentest Tools Website
- Hacker
- Game Hacking
- What Is Hacking Tools
- Pentest Tools Android
- Pentest Tools Subdomain
- Android Hack Tools Github
- Hack Tools
- Pentest Tools Windows
- Hack App
- How To Install Pentest Tools In Ubuntu
- Hack Tools 2019
- Hacking Tools Hardware
- New Hack Tools
- Hacking Tools Online
- Tools 4 Hack
- Wifi Hacker Tools For Windows
- Pentest Tools Review
- Hacker
- Tools Used For Hacking
- Hacking Tools Hardware
- Hacker
- Hack Tools Pc
- Pentest Tools Linux
- Hack Tools For Games
- Tools 4 Hack
- Pentest Tools Website
- Hack And Tools
- Hacker Tools For Mac
- Hacker Tools For Ios
- Hacking Tools Windows 10
- Pentest Tools Framework
- Best Hacking Tools 2020
- Best Hacking Tools 2019
- Hacker Tools Mac
- Hacking Tools Kit
- Hacking Tools Windows 10
- Hacking Tools
- Pentest Tools Android
- Hacking Tools And Software
- Hack Tools For Ubuntu
- Hacker Tools 2020
- Hack Tool Apk
- Hacking Tools Pc
- Hacking Tools For Beginners
- Hacker Tools For Windows
- Hacking Tools For Kali Linux
- Hack Tools Mac
- Hacking Tools Mac
- Hack Tool Apk
- Best Hacking Tools 2020
- Hack Website Online Tool
- Hack App
- Hacking Tools For Games
- Pentest Tools For Android
- Hacking Tools Usb
- Pentest Tools Review
- Pentest Tools For Ubuntu
- Hacker Tools Mac
- Github Hacking Tools
- Pentest Recon Tools
- Hacking Tools 2020
- Nsa Hack Tools Download
- Hacking Tools Kit
- Hacking Tools
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Framework
- Pentest Tools For Ubuntu
- Black Hat Hacker Tools
- Hacking Tools For Windows
- Hacker Tools For Windows
- World No 1 Hacker Software
- Hacking Tools For Games
- Hacker Tools Github
- Hacker Tools 2020
- Pentest Tools Open Source
- Pentest Tools Nmap
- Hacking Tools For Windows
- Hacker Tool Kit
- Hacker Tools Free Download
- Pentest Tools Bluekeep
- Bluetooth Hacking Tools Kali
- New Hack Tools
- Hack Tools For Windows
- Hacking Apps
- Pentest Tools Url Fuzzer
- Hacking Tools 2020
- Hacking Tools And Software
- Hacker Tools Free Download
- Hack Tools Mac
- Hacker Tools Free Download
- New Hacker Tools
- Bluetooth Hacking Tools Kali
- Pentest Tools Github
- Hacker Hardware Tools
- Hacking App
- Pentest Tools Framework
- Hacking Tools Download
- Hacker Tools Software
- Hack Tool Apk No Root
- Free Pentest Tools For Windows
- Hacker Tools Hardware
- Hacker Tools Github
- Pentest Tools Apk
- Pentest Automation Tools
- Hack Tool Apk
- Hacker Tools For Pc
- Hacking Tools Software
- Hack App
- Pentest Box Tools Download
- Hack Tools
- Pentest Automation Tools
- Pentest Tools Linux
- Pentest Tools Github
- Hacker Tools For Pc
- Hacker Tools For Pc
- Hacker Tools Free
- New Hacker Tools
- Computer Hacker
- Hacker Tools Hardware
- Hack Tool Apk
- Pentest Automation Tools
- Pentest Tools Kali Linux
- Free Pentest Tools For Windows
- Hacker Tools List
- Hacker Tools Software
- Pentest Automation Tools
- Hack Tools For Games
- What Are Hacking Tools
- Ethical Hacker Tools
- Hacking Tools Online
- Hacker Tools List
- Hacker Techniques Tools And Incident Handling
- Hacks And Tools
- Blackhat Hacker Tools
- Pentest Tools Subdomain
- Hacking Apps
- Hacking Tools For Beginners
- Black Hat Hacker Tools
- Hack Tools 2019
- Underground Hacker Sites
- Hacking Tools And Software
