But, sometimes, it seems that all the steps one could take to secure his sensitive information, malicious third parties are always one step ahead. Now, companies are more willing to share information with partners, experts, and the larger community to collaboratively tackle threats.
The Redmond tech giant pull the cover off hackers
The perfect example of such a collaboration is Microsoft working with rival Apple to patch the Shrootless vulnerability in macOS devices. To make sure they both discourage attacks and educate people on what measures to take, the tech giant has now published detailed information about a sophisticated trojan that is targeting Mac devices. Redmond security experts say that the trojan is dubbed UpdateAgent and was discovered back in September 2020 as more of a basic information stealer. Since then, it has evolved quite a lot and its recent iterations have actually been known to distribute secondary payload, such as the Adload adware. Microsoft warns that UpdateAgent’s constantly evolving persistent infiltration methods means that it could evolve even further in future campaigns and distribute more dangerous payload. The above-mentioned UpdateAgent usually looks like legit software that users download on their Apple-powered PCs. Then, it’s only a matter of time until it bypasses several macOS controls and infects the targetted device. The perfect example of this is bypassing Gatekeeper, which was made to ensure that only trusted apps can run on your hardware. After this step is complete, the trojan turns to existing user permissions in order to perform shady activity, following which it covers its tracks. Microsoft also underlined the fact that UpdateAgent downloads its malicious payload from S3 buckets and Cloudfront on AWS. Have you ever had this problem on your Mac device? Share your experience with us in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ