Researchers Found Yet Another Malware Designed to Compromise Mac Devices


Bitdefender, a renowned IT security/antivirus firm, has recently identified the latest strain of Xagent for the Mac, which is being used as a backdoor by attackers. After this malware is installed using the Komplex downloader, it checks for the presence of a debugger; if none is found, it waits for a network connection to be enabled and then contacts its C&C servers. The attackers then activate specific payload modules.

APT28, a Russian hacking group, is believed to be playing a crucial role in the development of these tools to infiltrate and infect systems that run on iOS, Windows, Linux and Android. Perhaps Mac devices have now become their only target, which is why there are reports of one Mac malware after another.

In a blog post published on Tuesday, the researchers at Bitdefender explained that Xagent’s Mac version could be made to perform tasks like obtaining passwords, intrusion, taking screenshots and stealing iOS backups that are stored on the infected Mac device. Xagent is a payload with modules that can search the system configuration of Mac devices, offload running processes and launch executable code.


The aspect that hinted at the involvement of APT28 [PDF] in the distribution of Xagent is a file path located in the malware’s binary file, which showed that the writer of Komplex developed it. Komplex is a first-stage Trojan that was also used by Sofacy to compromise devices. According to the findings of Bitdefender researchers, Xagent’s Mac version is being planted by Komplex too.

The APT28 group has been active since 2007 and shares close ties with the Russian government. The group’s members are well-versed in Russian and operate according to Russian business hours, and they usually attack Ukraine, Romania, the US, Canada and Spain; these facts probably led to the assumption that the group is linked with Russia.

