El nuevo malware XLoader roba credenciales de macOS y Windows

Helga Smithjulio 26, 2021Última actualización: julio 27, 2021
51 1 minuto de lectura

Check Point experts hablado sobre a new cross-platform malware XLoader, a “suscripción” to which costs only $49 on the darknet. XLoader provides the opportunity to collect credentials, can act as a keylogger and runs malicious files.

XLoader originated from the well-known Formbook malware family, which mainly attacked Windows users, but disappeared from the market in 2018. En 2020, Formbook was renamed XLoader.

Nuevo malware XLoader

XLoader was first spotted last February and has gained popularity by promoting it as a cross-platform (Windows and macOS) botnet with no dependencies. The connection between the two malwares was established after it was discovered that the new malware uses the same executable file as the Formbook earlier. Then the malware vendor explained that the Formbook developer had really contributed a lot to the creation of XLoader. Because of this, malware has very similar functionality (stealing credentials, taking screenshots, registro de teclas, and executing malicious files).

Looking at XLoader activity over the past six months, Check Point analysts found that it now targets not only Windows users, but macOS users as well. You can “rent” the version for macOS for $49 a month, having access to a server provided by the seller. By maintaining a centralized management infrastructure, malware authors can control how their clients use XLoader.

The Windows version is more expensive, as for it the the seller asks for $59 por mes, o $129 for three months.

Como se ha mencionado más arriba, researchers tracked Xloader activity from December 1, 2020 to June 1, 2021, and during this time they recorded requests to buy XLoader from hackers from 69 countries. Además, more than half (53%) of malware victims live in the United States.

XLoader is much more sophisticated than its predecessors, and it supports various operating systems, in particular macOS. Historically, macOS threats have not been widespread: they were generally spyware and did not cause too much damage. I think there is a common misconception among macOS users that Apple is more secure than others. Previamente, we could say that there was a gap between malware for Windows and macOS, but now it is gradually narrowing. Malware for macOS is becoming more and more dangerous and widespread. Our recent research confirms this trend. Cybercriminals are increasingly interested in the macOS platformand personally, I expect to see more cyber threats very soon. The Formbook family is just the beginning. Por lo tanto, I would think twice before opening attachments from emails that I receive from unknown senders.Yaniv Balmas, Head of Cyber Research at Check Point Software, dice.

Déjame recordarte que también escribí eso Los investigadores descubrieron el malware Siloscape dirigido a contenedores de Windows Server y clústeres de Kubernetes.

Etiquetas
Helga Smithjulio 26, 2021Última actualización: julio 27, 2021
51 1 minuto de lectura

Helga Smith

Siempre me interesaron las ciencias de la computación., especialmente la seguridad de los datos y el tema, que se llama hoy en día "Ciencia de los datos", desde mi adolescencia. Antes de ingresar al equipo de eliminación de virus como editor en jefe, Trabajé como experto en ciberseguridad en varias empresas., incluido uno de los contratistas de Amazon. Otra experiencia: He enseñado en las universidades de Arden y Reading..

Deja una respuesta

Este sitio utiliza para reducir el spam Akismet. Aprender cómo se procesa sus datos comentario.

Botón volver arriba