A new version of XLoader for Macs has been spotted in the network wilds

Carding

A new version of XLoader for Macs has been spotted in the network jungle.

The infostealer and keylogger has received a new update, written in C and Objective-C, and comes in the form of a signed malicious image instead of the previous .jar format.

On VirusTotal in July, there are several malware downloads, so the distribution campaign is active.

The new XLoader is disguised as OfficeNote, an office productivity app.

When launched, it gives an error, but pulls up the malware, which, in turn, sets a Launch Agent to fix itself in the system and pulls information from the buffer and from the Chrome and Firefox browsers.
Well, the disguise as an office application hints at the goals of the campaign.

Interestingly, the XLoader version for macOS is noticeably more expensive than the one for Windows: 199 bucks versus 59.
Apparently, under Macs, not only stylish monitor stands, but also malware should come with an inflated price tag.
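
For defenders, the Launch Agent persistence mentioned above can be reviewed by parsing per-user Launch Agent plists and flagging jobs that merit a closer look. This is an added example, not part of the original post: the heuristics (hidden path components, world-writable locations, file name not matching `Label`) are assumptions for triage rather than XLoader indicators, and the sample labels and paths are constructed.

```python
import plistlib
from pathlib import PurePosixPath

# Locations any local user can write to (assumed heuristic, not from the post).
WRITABLE_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")

def audit_launch_agent(plist_bytes, plist_path):
    """Return the reasons a per-user Launch Agent plist deserves manual review."""
    try:
        job = plistlib.loads(plist_bytes)
    except Exception:
        return ["unparseable plist"]
    if not isinstance(job, dict):
        return ["unparseable plist"]
    args = job.get("ProgramArguments")
    args = args if isinstance(args, list) else []
    program = str(job.get("Program") or (args[0] if args else ""))
    reasons = []
    if not program:
        reasons.append("no Program or ProgramArguments")
    if any(p.startswith(".") for p in PurePosixPath(program).parts):
        reasons.append("executable under a hidden path component")
    if program.startswith(WRITABLE_PREFIXES):
        reasons.append("executable in a world-writable location")
    if PurePosixPath(plist_path).stem != job.get("Label"):
        reasons.append("file name does not match Label")
    return reasons

# Constructed sample jobs; labels and paths are invented for illustration.
SAMPLES = {
    "/Users/alice/Library/LaunchAgents/com.example.updater.plist": plistlib.dumps({
        "Label": "com.example.updater",
        "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater"],
        "RunAtLoad": True,
    }),
    "/Users/alice/Library/LaunchAgents/com.example.agent.plist": plistlib.dumps({
        "Label": "com.example.notes.helper",
        "ProgramArguments": ["/Users/alice/.notes_cache/helper", "--start"],
        "RunAtLoad": True,
    }),
}

def audit_samples():
    return {path: audit_launch_agent(data, path) for path, data in SAMPLES.items()}

if __name__ == "__main__":
    for path, reasons in audit_samples().items():
        print(path, "->", reasons or "ok")
```

On a real Mac the same function can be fed the bytes of each file under `~/Library/LaunchAgents`; a flagged job is a prompt for manual review, not proof of infection.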
