Microsoft: Microsoft has a warning for these Mac users

A Mac malware has become smarter and more dangerous, and is now able to bypass Apple's Gatekeeper controls, which are designed to ensure that only trusted apps run on Mac devices, Microsoft has found.

The Mac trojan can take advantage of existing user permissions to covertly perform malicious activities before removing evidence to cover its tracks.

“UpdateAgent also abuses public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its additional payloads,” said the Microsoft 365 Defender Threat Intelligence Team.

Amazon Web Services (AWS) has removed the malicious URL.

Since its first appearance in September 2020, the malware has displayed a steadily growing set of sophisticated capabilities.

In a statement on Wednesday, Microsoft said, “The latest campaign saw the malware installing AdLoad adware continuously, but UpdateAgent’s ability to gain access to devices could theoretically be extended to bring other, potentially more dangerous payloads.”

Once the adware is installed, it uses ad injection software and techniques to intercept a device’s online communications and redirect users’ traffic through the adware operators’ servers, injecting advertisements and promotions into webpages and search results.

“It is capable of opening a backdoor for downloading and installing adware and payloads, besides harvesting system information that is sent to attackers’ C2 servers,” Microsoft said.

Given that UpdateAgent and Adload both have the ability to install additional payloads, attackers could take advantage of one or both of these vectors to deliver potentially more dangerous threats to targeted systems in future campaigns, it warned.
