New Variant Of UpdateAgent Malware Infects Mac Computers With Adware

 Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.

Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.

In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.

Continue reading

1. Computer Hacker
2. Hacking Tools Windows
3. New Hack Tools
4. Top Pentest Tools
5. Hacking Tools For Kali Linux
6. Pentest Tools List
7. Pentest Tools Linux
8. Pentest Reporting Tools
9. Hacker Tools Free Download
10. Easy Hack Tools
11. Hacking App
12. Pentest Tools Download
13. Hacking Tools Software
14. Black Hat Hacker Tools
15. Hacking Tools For Windows 7
16. Hacker Tools For Mac
17. Pentest Recon Tools
18. Hack Tools Online
19. Pentest Tools Apk
20. Hacking Tools Usb
21. Kik Hack Tools
22. Pentest Tools For Android
23. Hacker Tools Hardware
24. Hacker Tools Github
25. Pentest Tools Framework
26. Hack Tools Online
27. Pentest Reporting Tools
28. Termux Hacking Tools 2019
29. Hacker Tools 2020
30. Pentest Tools Website
31. Install Pentest Tools Ubuntu
32. Black Hat Hacker Tools
33. Hack And Tools
34. Hacker Tools For Mac
35. Hacker Tools Mac
36. Computer Hacker
37. Hacking Tools Usb
38. Pentest Tools For Ubuntu
39. Hack Tools For Ubuntu
40. Hack App
41. Pentest Tools Tcp Port Scanner
42. Pentest Tools Kali Linux
43. Hacking Apps
44. Hacker Tools For Windows
45. Beginner Hacker Tools
46. Hacking Tools For Windows 7
47. Hack Tools For Games
48. Tools 4 Hack
49. Pentest Box Tools Download
50. Pentest Tools Url Fuzzer
51. Nsa Hack Tools
52. Tools 4 Hack
53. Hacker Techniques Tools And Incident Handling
54. Hak5 Tools
55. Hack Tools Mac
56. Hacking Tools For Windows
57. Hacker Search Tools
58. Pentest Tools For Windows
59. Pentest Tools Bluekeep
60. Hack Tools Mac
61. Pentest Tools Alternative
62. What Is Hacking Tools
63. Hacking Tools Hardware
64. Hacker Tools For Pc
65. Hack Tools For Mac
66. Pentest Tools Tcp Port Scanner