HackRead

Researchers Discover Yet Another Malware Designed to Compromise Mac Devices

February 16th, 2017 | By Waqas | Security, Apple News, Malware

Bitdefender, a renowned IT security and antivirus firm, has found that the latest strain of Xagent for Mac is being used as a backdoor by intruders. After the malware is installed via the Komplex downloader, it checks for the presence of a debugger; if none is found, it waits for a network connection to become available so it can contact its C&C servers. The attackers then activate specific payload modules.

The Russian hacking group APT28 is believed to play a role in developing tools to infiltrate and infect systems that run Windows, iOS, Linux and Android. Mac devices have perhaps now become its primary target, which would explain why we are receiving reports about one Mac malware after another.

“‘Xagent’ malware infects Mac, steals passwords, iPhone backups and screenshots.”

More: OS X devices targeted by APT28 group with new Trojan called Komplex

In a blog post published on Tuesday, Bitdefender researchers explained that Xagent’s Mac version can be customized to perform tasks such as intrusion, obtaining passwords, taking screenshots and stealing iOS backups stored on the infected Mac device. Xagent is a modular payload whose modules can search the system configuration of Mac devices, offload running processes and launch executable code.

What hinted at the involvement of APT28 [PDF] in the distribution of Xagent is a file path in the malware’s binary file, which showed that the writer of Komplex developed it. Komplex is a first-stage Trojan that Sofacy has also used to compromise devices. According to the findings of Bitdefender researchers, Xagent’s Mac version is being planted by Komplex as well.

The APT28 group has been active since 2007 and shares close ties with the Russian government. The group’s members are well-versed in Russian and operate according to Russian business hours, and they usually attack Ukraine, Romania, the US, Canada and Spain. These facts probably led to the assumption that the group is linked with Russia.

More: France Believes Russia Hacked TV5Monde Posing as ISIS Hackers


Last year another group going by the handle FancyBears leaked sensitive documents from the World Anti-Doping Agency (WADA), exposing several athletes involved in doping. The same group was also blamed for targeting the MH17 crash investigators with a spear-phishing campaign. As a result, security researchers concluded that there is a close relationship between APT28 and FancyBears.


Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in the cyber security and tech world. I am also into gaming, reading and investigative journalism.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
