New Variant Of UpdateAgent Malware Infects Mac Computers With Adware

 Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.

Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.

In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.

More articles

1. Hacker Tools Mac
2. Nsa Hacker Tools
3. Kik Hack Tools
4. Pentest Tools For Mac
5. Pentest Tools List
6. Nsa Hack Tools
7. Free Pentest Tools For Windows
8. Hacking Tools For Windows 7
9. Termux Hacking Tools 2019
10. Hak5 Tools
11. Blackhat Hacker Tools
12. Hack Tools 2019
13. Hacking App
14. Hacker Tools Hardware
15. Hack Tools Github
16. Pentest Tools Subdomain
17. How To Hack
18. Hacking Tools Mac
19. Hacking Tools Pc
20. Pentest Tools For Ubuntu
21. Pentest Tools Review
22. Install Pentest Tools Ubuntu
23. How To Install Pentest Tools In Ubuntu
24. Termux Hacking Tools 2019
25. Nsa Hack Tools Download
26. Hack Tools Pc
27. Pentest Tools Online
28. Hacker Tools For Windows
29. Hacking Tools For Windows
30. Hacking Tools For Games
31. Pentest Tools Framework
32. Pentest Tools Online
33. Hacker Tools 2019
34. Hacking Tools Name
35. Hacking Tools And Software
36. How To Install Pentest Tools In Ubuntu
37. Hacking Tools Kit
38. Hack App
39. Hacker Tools Hardware
40. Hacking Tools And Software
41. Pentest Tools Kali Linux
42. Pentest Tools Review
43. Hack Tool Apk
44. Hacker Tools Windows
45. Best Hacking Tools 2019
46. Hack Tools For Ubuntu
47. Pentest Tools Free
48. Pentest Tools List
49. Termux Hacking Tools 2019
50. Pentest Tools Nmap
51. Hacking Tools For Mac
52. Hacking Tools 2019
53. Hacking Apps