UpdateAgent, the malware that has been infecting Macs for over a year

Merouan Goumiri

February 08, 2022 at 09:25



© Apple

If you haven’t heard the name before, UpdateAgent is malware that has been present on Macs for many months and appears to be growing more and more malicious…

Taking remote control of your Apple computer, or even siphoning off your personal data… This is malware that must be closely monitored.

Malware that evolves

It’s been about 14 months since UpdateAgent began invading Apple computers. Originally without serious consequences for users, it has recently been strengthened by its creators, making it much more formidable than it was in the past. Indeed, this malware is now able to install a persistent backdoor on Macs, which makes it possible to take control of the computer remotely and steal all personal data, including banking information.

Known since the end of 2020, this malware, originally ordinary and without much apparent danger, must therefore now be taken very seriously. But its dangers are not limited to data theft since, according to Microsoft, it goes so far as to send a signal to alert the hackers behind it that it is indeed active on the targeted device.

Adload, a dreaded adware

In order to achieve its objectives, UpdateAgent takes advantage of its infiltration into your computer to automatically install adware named “Adload”. According to Microsoft researchers, Adload carries out a Person-in-The-Middle (PiTM) attack by installing a web proxy to hijack search engine results and inject unwanted advertisements into web pages. This has the effect of diverting advertising revenue from the owners of the sites in question to the operators behind the attack.
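As an added illustration (not from the article or from Microsoft’s report), one defensive check for the kind of web proxy described above is to review the system proxy configuration that macOS prints with `scutil --proxy`. The sample output, the loopback address and port, and the `allowed` allowlist are constructed assumptions; the article does not say which proxy settings Adload uses.

```python
import re

# Constructed sample of `scutil --proxy` output; address and port are illustrative.
SAMPLE = """<dictionary> {
  ExceptionsList : <array> {
    0 : *.local
    1 : 169.254/16
  }
  HTTPEnable : 1
  HTTPPort : 8080
  HTTPProxy : 127.0.0.1
  HTTPSEnable : 1
  HTTPSPort : 8080
  HTTPSProxy : 127.0.0.1
  ProxyAutoConfigEnable : 0
}
"""
PAIR = re.compile(r"^\s*(\w+)\s+:\s+(.*\S)\s*$")

def parse_proxy_settings(text):
    """Return top-level key/value pairs, skipping nested arrays such as ExceptionsList."""
    settings, depth = {}, 0
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.endswith("{"):
            depth += 1
        elif stripped == "}":
            depth -= 1
        elif depth == 1 and (m := PAIR.match(line)):
            settings[m.group(1)] = m.group(2)
    return settings

def unexpected_proxies(text, allowed=frozenset()):
    """List enabled HTTP/HTTPS/SOCKS proxies and PAC URLs that are not in `allowed`."""
    s = parse_proxy_settings(text)
    findings = []
    for kind in ("HTTP", "HTTPS", "SOCKS"):
        if s.get(kind + "Enable") == "1":
            endpoint = f"{s.get(kind + 'Proxy', '?')}:{s.get(kind + 'Port', '?')}"
            if endpoint not in allowed:
                findings.append((kind, endpoint))
    if s.get("ProxyAutoConfigEnable") == "1":
        url = s.get("ProxyAutoConfigURLString", "?")
        if url not in allowed:
            findings.append(("PAC", url))
    return findings

if __name__ == "__main__":
    # On a Mac, replace SAMPLE with the text printed by `scutil --proxy`.
    for kind, endpoint in unexpected_proxies(SAMPLE):
        print(f"review {kind} proxy -> {endpoint}")
```

An enabled proxy is not proof of infection, since corporate networks and debugging tools set one too; the check only surfaces entries that nobody on the machine knowingly configured.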

To conclude on Adload, here is what Microsoft has to say about it: “Adload also comes from an exceptionally persistent line of malware. It is able to open a backdoor to download and install other adware, besides collecting system information which it sends to the hackers’ control server. Since UpdateAgent and Adload are able to install additional payloads, hackers can rely on both pieces of software to launch more dangerous malware in future campaigns.”

As you will have understood, this malware, which has been hitting Apple computers for over a year, has suddenly become very virulent after months of being harmless. If you are a macOS user, it is therefore strongly recommended that you install an antivirus on your computer without further delay. Such software can be very effective against UpdateAgent and Adload.


Source: Ars Technica
