Anyone who tells you that Macs do not get malware or viruses is lying to you. Apple’s operating system can absolutely be manipulated and targeted. The difference is, the number of macOS users is not nearly as high as that of Windows, so hackers don’t generally target them. That being said, sometimes they do, and the XLoader malware strain is proof of that.
XLoader is derived from a popular Windows malware strain and is meant to steal login information from the target system. According to Bleeping Computer, this new macOS malware is being sold through underground forums “as a botnet loader service that can ‘recover’ passwords from web browsers and some email clients (Chrome, Firefox, Opera, Edge, IE, Outlook, Thunderbird, Foxmail).”
The Windows variant is known as the Formbook info-stealer, and this macOS version has been gaining steam.
Customers can rent the macOS malware version for $49 (one month) and get access to a server that the seller provides. By keeping a centralized command and control infrastructure, the authors can control how clients use the malware.
The Windows version is more expensive as the seller asks $59 for a one-month license and $129 for three months.
As mentioned in the advertisement, the makers of XLoader also provide a Java binder for free, which allows customers to create a standalone JAR file with the Mach-O and EXE binaries used by macOS and Windows. (Bleeping Computer)
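A defender's triage check for the kind of JAR the binder is described as producing, as an added example (not from this article or from Bleeping Computer): it flags archive entries whose leading bytes are Mach-O or PE headers, whatever their file extension. The function names, entry names and the sample JAR are constructed for illustration.

```python
import io
import struct
import zipfile

# Well-known file-format magic numbers.
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe",   # 32-bit
                b"\xfe\xed\xfa\xcf", b"\xcf\xfa\xed\xfe"}   # 64-bit
FAT_MAGIC = b"\xca\xfe\xba\xbe"  # universal Mach-O, shared with Java .class

def classify(data):
    """Return 'mach-o', 'pe' or None from the leading bytes of one entry."""
    if data[:4] in MACHO_MAGICS:
        return "mach-o"
    if data[:4] == FAT_MAGIC and len(data) >= 8:
        # Next 4 bytes: architecture count (small) in a fat Mach-O, but
        # minor/major version (major >= 45) in a .class file. Heuristic cut-off.
        return "mach-o" if struct.unpack(">I", data[4:8])[0] < 20 else None
    if data[:2] == b"MZ" and len(data) >= 0x40:
        # e_lfanew at offset 0x3C points to the "PE\0\0" signature.
        off = struct.unpack("<I", data[0x3C:0x40])[0]
        if data[off:off + 4] == b"PE\x00\x00":
            return "pe"
    return None

def scan_jar(jar_bytes):
    """Map entry name -> native format for every flagged entry in a JAR."""
    hits = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        for info in jar.infolist():
            if info.is_dir():
                continue
            with jar.open(info) as fh:
                kind = classify(fh.read(4096))  # headers sit at the start
            if kind:
                hits[info.filename] = kind
    return hits

def build_sample_jar():
    """Constructed sample: inert header-only stubs, no executable code."""
    pe_stub = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        jar.writestr("Main.class", b"\xca\xfe\xba\xbe\x00\x00\x00\x34")
        jar.writestr("res/a.dat", b"\xcf\xfa\xed\xfe" + b"\x00" * 28)
        jar.writestr("res/b.dat", pe_stub)
    return buf.getvalue()

if __name__ == "__main__":
    print(scan_jar(build_sample_jar()))
```

A hit is a triage signal rather than a verdict, since legitimate JARs sometimes bundle native libraries; a JAR carrying both a Mach-O and a PE payload under non-library names deserves a closer look.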
What’s not clear from the Bleeping Computer article is just how this malware is disseminated. Given that XLoader employs botnets, we’re just guessing that it may be through emails, bad links, and even hijacked ads. While this variant is for Macs, all users should be extra aware and careful when clicking links or opening emails. Be sure to read their article for more on this malware.
Last Updated on July 22, 2021.