Microsoft warns Mac device users about a new threat; Know details
Microsoft has issued a warning for Mac users. Microsoft reportedly revealed that a piece of Mac malware has improved and is now able to bypass Apple Gatekeeper controls, which are designed to make sure that only trusted apps run on Mac devices. The Mac malware has become more dangerous.
According to reports, the Mac trojan can leverage existing user permissions to secretly perform malicious activities, and it covers its tracks by deleting the evidence of those activities.
The Microsoft 365 Defender Threat Intelligence Team said that “UpdateAgent also misuses public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its additional payloads.”
Amazon Web Services (AWS) has taken down the malicious URLs. The malware was first spotted in September 2020. Since then, the malware has displayed an increasing progression of sophisticated capabilities.
Microsoft said in a statement on Wednesday that “the latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent’s ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads.”
The adware uses ad injection software and techniques to intercept a device’s online communications after being installed on the device. It redirects users’ traffic through the adware operators’ servers, injecting advertisements and promotions into webpages and search results.
In addition to gathering system information and sending it to hackers and attackers, it can also open a backdoor to download and install other adware and payloads, said Microsoft.
Microsoft warned that attackers can use either or both of UpdateAgent and Adload, which have the ability to install additional payloads, to potentially deliver more dangerous threats to target systems in future campaigns.