Shulou(Shulou.com)11/24 Report--

CTOnews.com, August 22 (Xinhua)-- XLoader, once known as the "fourth largest malicious attack" in 2021, is making a comeback, with not only the destructive power but also the camouflage ability further enhanced, making it easier for macOS users to be recruited.

According to the latest report from cyber security company SentinelOne, the new version of XLoader malicious tools was recompiled in C and Objective C and signed by Apple developers.

The attacker further disguised the XLoader malicious tool as a Microsoft Office productivity application named "OfficeNote" and distributed it through an application called "OfficeNote.dmg".

The report said that although Apple has revoked the developer's account, Apple's malware blocking tool XProtect did not prevent the app from running.

The malicious tool, first exposed in July, uses a rental model of $199,199 a month (CTOnews.com Note: currently about 1455 yuan) or three accounts for $299 a month (currently about 2186 yuan).

The malware targets Chrome and Firefox browsers and then steals information stored in the user's clipboard through Apple's own API.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.