
Communications of the ACM

ACM TechNews

$49 Malware Receives Major Upgrade to Strike Windows, macOS PCs



Researchers have spotted a cheap malware variant, once focused on Windows machines, that has been upgraded to infect Mac computers.

Credit: Justin Renteria

Researchers at Check Point Research (CPR) said the Windows-based malware variant known as Formbook has been upgraded to infiltrate Mac PCs.

The new malware, called XLoader, features the same code base as Formbook.

The monitoring software has remote access capabilities and can perform keystroke logging, take screenshots, and steal account credentials.

Its command-and-control (C2) setup uses nearly 90,000 domains in network communication, with just 1,300 real C2 beacons.

The researchers said, "The other 88,000 domains belong to legitimate sites [and] the malware sends malicious traffic to them as well. This presents security vendors with the dilemma of how to determine which are the real C&C servers and not false-positively identify legitimate sites as malicious."

Access to XLoader has been requested by potential threat actors in 69 countries, and the U.S. accounts for more than half of victims so far.

From ZDNet

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 
