New Variant Of UpdateAgent Malware Infects Mac Computers With Adware

 Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.

Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.

In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.

More articles

1. New Hack Tools
2. Android Hack Tools Github
3. Hack Tools Github
4. Best Hacking Tools 2020
5. Usb Pentest Tools
6. Hack Tools Mac
7. How To Make Hacking Tools
8. Pentest Tools Port Scanner
9. Hacker Tools Linux
10. Pentest Tools Subdomain
11. Pentest Tools Framework
12. Pentest Tools Port Scanner
13. Hack Rom Tools
14. Hacker Tools Github
15. Hack Tools Pc
16. Free Pentest Tools For Windows
17. Hacker Tools Mac
18. Nsa Hacker Tools
19. Tools Used For Hacking
20. Hacks And Tools
21. Hacking Tools 2019
22. Hack Tools Mac
23. Hacking App
24. Hacking Tools
25. Hack Tools
26. Best Hacking Tools 2019
27. Hacking Tools 2020
28. Pentest Tools For Mac
29. Pentest Tools
30. Hacker Tools Apk
31. Tools 4 Hack
32. How To Install Pentest Tools In Ubuntu
33. Hack Tools Online
34. Hacker Tools For Ios
35. Hacking Tools Windows 10
36. Pentest Automation Tools
37. Hacking Tools For Beginners
38. Pentest Tools Review
39. Hacking Tools Mac
40. Ethical Hacker Tools
41. Tools 4 Hack
42. Hacker Tools Online
43. Pentest Tools Open Source
44. Best Hacking Tools 2019
45. Hack And Tools
46. Hacking Tools Usb
47. Hacker Tools 2020
48. Hack Tools 2019
49. Easy Hack Tools
50. Computer Hacker
51. Pentest Tools Nmap
52. Hacking Tools Hardware
53. Hacking Tools Online
54. Hacker Techniques Tools And Incident Handling
55. Pentest Tools For Windows
56. Pentest Tools Open Source