Jan 27, 2024

New Variant Of UpdateAgent Malware Infects Mac Computers With Adware


 Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.


Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.

In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.

Related posts
  1. Computer Hacker
  2. Bluetooth Hacking Tools Kali
  3. Hack Tools For Mac
  4. Hacking Tools Name
  5. Tools Used For Hacking
  6. Hacking Tools For Mac
  7. Top Pentest Tools
  8. Termux Hacking Tools 2019
  9. Hacking Tools For Mac
  10. Hacking Tools Pc
  11. Hacking Tools Software
  12. Best Pentesting Tools 2018
  13. Pentest Tools Framework
  14. Pentest Tools Kali Linux
  15. Beginner Hacker Tools
  16. Pentest Tools Linux
  17. Black Hat Hacker Tools
  18. Hack Website Online Tool
  19. Hacker Tools Software
  20. Hack Tools For Windows
  21. Hacker Tools Hardware
  22. Tools For Hacker
  23. Hacking Tools Windows 10
  24. Hack Tools Download
  25. Hacker Tools Apk
  26. Hacker Tools Free
  27. Wifi Hacker Tools For Windows
  28. Hack Tool Apk No Root
  29. Pentest Tools For Ubuntu
  30. Game Hacking
  31. Hack Tools 2019
  32. Pentest Tools Kali Linux
  33. Nsa Hacker Tools
  34. Tools Used For Hacking
  35. Hack Tools Github
  36. Tools 4 Hack
  37. Kik Hack Tools
  38. What Are Hacking Tools
  39. Nsa Hack Tools
  40. Pentest Tools Review
  41. Hacking Tools Usb
  42. New Hack Tools
  43. Hacker Search Tools
  44. Pentest Tools Bluekeep
  45. Bluetooth Hacking Tools Kali
  46. Bluetooth Hacking Tools Kali
  47. Hacking Tools Online
  48. Nsa Hack Tools Download
  49. Hacker Security Tools
  50. Hack Tools For Mac
  51. Pentest Tools Website
  52. Hack Rom Tools
  53. Physical Pentest Tools
  54. Hacking Tools Download
  55. Hacking App
  56. Hacker Tools For Pc
  57. Hacking Tools Free Download
  58. Hacking Tools Github
  59. Pentest Tools Alternative
  60. Usb Pentest Tools
  61. Hacker Tools Linux
  62. Termux Hacking Tools 2019
  63. Best Hacking Tools 2019
  64. Hacker Tools List
Posted by at