New Variant Of UpdateAgent Malware Infects Mac Computers With Adware

 Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.

Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.

In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.

Read more

1. Hacker Tools 2020
2. Hacking Tools Usb
3. Hacker Tool Kit
4. Hackrf Tools
5. Pentest Tools Apk
6. Hacker Tools Hardware
7. Hack Tools Online
8. Underground Hacker Sites
9. Hacker Tools 2020
10. Hacking Tools For Mac
11. Hacking Tools Usb
12. Pentest Tools For Android
13. Github Hacking Tools
14. Hack Tools 2019
15. Bluetooth Hacking Tools Kali
16. Hacking Tools Mac
17. Blackhat Hacker Tools
18. Hacker Tools Linux
19. Pentest Recon Tools
20. Kik Hack Tools
21. Hack Apps
22. Hak5 Tools
23. Hack Tools
24. Hack Tools Pc
25. Tools For Hacker
26. Hacking Tools Pc
27. Pentest Tools Nmap
28. Hacking Tools Pc
29. Pentest Tools Subdomain
30. Usb Pentest Tools
31. Pentest Tools Website Vulnerability
32. Hack Tools For Ubuntu
33. Pentest Tools Open Source
34. Hacker Tools Linux
35. Hack Tool Apk
36. Hack Apps
37. Hack Tools Github
38. Hack Tools For Games
39. Hacker Tools For Pc
40. Github Hacking Tools
41. Growth Hacker Tools
42. Hacker Techniques Tools And Incident Handling
43. Bluetooth Hacking Tools Kali
44. What Is Hacking Tools
45. Hacking Tools Hardware
46. Hacker Tools For Windows
47. Hacking Tools For Games
48. Pentest Tools Open Source
49. Pentest Tools Review
50. Pentest Tools Find Subdomains
51. Hacking Tools Github
52. Pentest Tools Url Fuzzer
53. Free Pentest Tools For Windows
54. Pentest Tools For Ubuntu
55. Hack Tools 2019
56. Hacking Tools For Windows Free Download
57. Hacker Tools Free Download
58. Hack Tool Apk No Root
59. Hacker Tools Mac
60. Hacking Tools Online
61. World No 1 Hacker Software