Common Windows Malware Can Now Infect Macs

A common form of malware on Windows systems has been modified into a new strain called "XLoader" that can also target macOS (via Bleeping Computer).

macOS Malware Feature
Derived from the Formbook info-stealer for Windows, XLoader is a form of cross-platform malware advertised as a botnet with no dependencies. It is used to steal login credentials, capture screenshots, log keystrokes, and execute malicious files. The malware was discovered by security researchers at Check Point Software.

A server hosting the macOS version of XLoader is available to bad actors on the dark web for $49 per month. Check Point tracked XLoader for a six-month period, seeing requests from 69 countries, indicating significant use across the world. More than half of all victims were based in the United States.

Formbook continues to be a prevalent threat, being part of over 1,000 malware campaigns in the last three years, and XLoader is expected to have even wider use given its cross-platform capability and greater level of sophistication.

Head of Cyber Research at Check Point, Yaniv Balmas, said that macOS's growing popularity has exposed it to increasing attention from cybercriminals, who see the platform as a worthwhile target.

While there might be a gap between Windows and macOS malware, the gap is slowly closing over time. The truth is that macOS malware is becoming bigger and more dangerous.

According to Check Point, XLoader is stealthy enough for it to remain hidden to most users. It is possible to check for its presence by using macOS's Autorun to check the username in the OS and look into the LaunchAgents folder, where entries with suspicious filenames should be deleted.

Tag: Malware

Popular Stories

New Things Your iPhone Can Do in iOS 18

18 New Things Your iPhone Can Do in iOS 18.2

Wednesday November 27, 2024 5:05 am PST by
Apple is set to release iOS 18.2 in early December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as...
iphone 16 pro models 1

12 Reasons to Wait for Next Year's iPhone 17

Friday November 29, 2024 5:17 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...
Whatsapp Feature

WhatsApp to Drop Support for These iPhones Starting May 2025

Monday December 2, 2024 2:57 am PST by
WhatsApp is set to end support for iOS versions older than iOS 15.1 from May next year, removing the chat platform's compatibility with several iPhone models in the process. From May 5, 2025, WhatsApp will no longer be compatible with iPhone 5s, iPhone 6, and iPhone 6 Plus models. Users with those devices won't be able to access the encrypted chat service after the specified date unless they ...
Apple AI Command Center Concept Mock 3

Apple Expected to Launch This All-New Device Next Year

Wednesday November 27, 2024 1:05 pm PST by
Apple is expected to kick off 2025 by launching an all-new smart home hub, also referred to as a "command center," as early as March. The hub is expected to feature around a six-inch display that can be attached to a tabletop base with a speaker, or mounted on a wall. The device is said to run a new "homeOS" operating system with a customizable widget-focused home screen, and it is expected...
iPhone 17 Pro Dual Tone Rectangle Feature 1

iPhone 17 Pro Already Rumored to Have These 8 New Features

Wednesday November 27, 2024 12:19 pm PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch for 10 more months, there are already plenty of rumors about the devices. An imaginative iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models so far: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro ...
maxresdefault

The MacRumors Show: iPhone 17 Designs Revealed!

Friday November 29, 2024 9:34 am PST by
On this week's episode of The MacRumors Show, we discuss the recently leaked design of the iPhone 17 "Air" and iPhone 17 Pro. Subscribe to The MacRumors Show YouTube channel for more videos Earlier this week, a report from The Information's Wayne Ma revealed that the iPhone 17 Air will have a thickness of between 5mm and 6mm, which would make it the thinnest iPhone ever. In comparison, iPhone ...
airpods pro 2 gradient

AirPods Pro 3 Expected Next Year: Here's What We Know

Thursday November 28, 2024 3:30 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
Cyber Monday Deals Feature 2022

Apple Cyber Week Deals Available Now: AirPods, iPads, and More

Sunday December 1, 2024 7:52 am PST by
Although Black Friday has ended, Cyber Week is here and you can find great deals on numerous Apple devices right now. This includes big savings on AirPods, Apple Watch, MacBook Air, iPad, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. Specifically,...

Top Rated Comments

Sciomar Avatar
44 months ago

No matter what these Mac’s are protected. Let’s be real here.
I know we should all know this but for everyone in the room, Mac's have always been able to get a virus. They were such a small subset of the computing world the payoff wasn't huge. Things have changed with the more mainstream adoption of Macs and now it's open season for the bad guys.
Score: 33 Votes (Like | Disagree)
npmacuser5 Avatar
44 months ago
How does one get this malware? Important to know one has it but how did one get it just as important.
Score: 24 Votes (Like | Disagree)
skitidetdu Avatar
44 months ago

It is possible to check for its presence by using macOS's Autorun to check the username in the OS and look into the LaunchAgents folder, where entries with suspicious filenames should be deleted.
Can somebody explain what this means?

Edit: found a LaunchAgents folder in the library. Don't understand what AutoRun is
Score: 23 Votes (Like | Disagree)
urgs Avatar
44 months ago

Infection path would be good information.

Also, I generally find LittleSnitch to be a great defense against this kind of thing (as long as the virus doesn't disable it). It may still exist, but you can identify it by network access.

Can somebody explain what this means?

Edit: found a LaunchAgents folder in the library. Don't understand what AutoRun isFound something at 9to5mac
Found something at 9to5mac

1. Go to /Users/[username]/Library/LaunchAgents directory
2. Check for suspicious filenames in this directory (example below is a random name)

/Users/user/Library/LaunchAgents/com.wznlVRt83Jsd.HPyT0b4Hwxh.plist

if there is a file named like above, it's very likely you have been infected
Score: 22 Votes (Like | Disagree)
Blackstick Avatar
44 months ago
So XProtect gets new definitions and this becomes a non-issue...
Score: 13 Votes (Like | Disagree)
TheYayAreaLiving ?️ Avatar
44 months ago
No matter what these Mac’s are protected. Let’s be real here.

When was the last time you encountered your Mac got a virus?
Score: 13 Votes (Like | Disagree)