Mac malware is getting bigger, harder and dirt cheap

Photo: Justin Sullivan (Getty Images)

New research shows that cheap, creepy malware sold on the dark web can log your keystrokes and steal your data, all at a low, low price.

A disturbing element of modern cybercrime is how easy it is to find powerful and invasive tools that can be a total disaster on the computer of an unsuspecting victim.

Nowadays malware is sold much like a subscription: developers license it to any paying dark web customer. In most cases these customers don’t even need much technical knowledge, because most of the tools are automated.

A good example comes from researchers at Check Point, who recently discovered a web-based product called “XLoader”, a cheap, accessible program that can be used to break into Windows and macOS devices and steal information from them.

A report published Wednesday shows how XLoader is sold on a popular dark web forum for as little as $49. There, criminals can “license” it from a developer to carry out attacks. However, buyers get access to the malware only for a limited time and have to carry out their attacks through servers controlled by the seller. For example, a three-month subscription to the XLoader version custom-made for infiltrating macOS devices costs $99. The Windows version is more expensive: a three-month subscription costs $129.

The malware, which is derived from an earlier popular malware program known as Formbook, has been deployed in countries around the world, with most victims residing in the United States, according to researchers.

As you can see from an old image of the Formbook fee structure, getting access to such stealthy hacking tools is not that different from paying for a monthly Amazon Prime subscription:

Screenshot: Check Point Research

Like its predecessor, XLoader has all kinds of invasive capabilities that allow an intruder to log on to the target device, gather logins, collect screenshots, and download and deploy other malicious files on the desktop. Additional features include network traffic and clipboard surveillance. Its sellers advertise XLoader’s credential recovery feature with the words “Fast a hundred applications with browser, mail, FTP and email client”.

The malware is most often spread through spoofed emails. These carry malicious Microsoft Office documents, which will infect your computer if downloaded. These emails are not available.

“That Apple platforms are safer than other platforms that are widely used, I think is commonly mistaken for macOS users,” said Yaniv Balmas, Check Point Cyber Research Manager. “Whilst Windows and macOS malware may have a divide, over time the divide slowly closes. In reality, macOS malware is growing and becoming increasingly harmful. Our recent findings illustrate this growing trend perfectly.”

While it is not especially pleasant to imagine what kind of people would want XLoader, Check Point offers several basic suggestions for staying out of this mess: do not visit unprotected websites, watch your device for strange behavior and, as always, send any suspicious email from an unknown sender straight to the trash. The company also recommends that you use the Autorun feature on your device to search for suspicious-sounding file names in the LaunchAgents folder, a location where a potential compromise could be visible.
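One way to carry out the LaunchAgents review recommended above, as an added example that is not from Check Point or the original article. It reads each launchd job definition rather than just the file name. The folder list is the standard per-user and system-wide LaunchAgents locations, and the review heuristics (hidden path components, world-writable directories, a Label that differs from the file name) are assumptions chosen for illustration, not XLoader indicators.

```python
import plistlib
from pathlib import Path, PurePosixPath

# Review heuristics below are assumptions for this example, not indicators
# taken from the Check Point report.
WORLD_WRITABLE = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")
DEFAULT_DIRS = ("~/Library/LaunchAgents", "/Library/LaunchAgents")

def program_of(job):
    """Executable a launchd job starts: Program, else ProgramArguments[0]."""
    args = job.get("ProgramArguments") or [""]
    return str(job.get("Program") or args[0])

def review_agent(plist_file):
    """Return (file name, program, reasons) for one LaunchAgents plist."""
    plist_file = Path(plist_file)
    try:
        with open(plist_file, "rb") as fh:
            job = plistlib.load(fh)  # reads both XML and binary plists
        if not isinstance(job, dict):
            raise ValueError("top-level object is not a dictionary")
    except Exception as exc:
        return plist_file.name, "", [f"unreadable plist ({type(exc).__name__})"]
    program, reasons = program_of(job), []
    if not program:
        reasons.append("no Program or ProgramArguments")
    if any(p.startswith(".") for p in PurePosixPath(program).parts):
        reasons.append("program path has a hidden component")
    if program.startswith(WORLD_WRITABLE):
        reasons.append("program runs from a world-writable directory")
    if job.get("Label") != plist_file.stem:
        reasons.append("Label does not match file name")
    return plist_file.name, program, reasons

def audit(directories=DEFAULT_DIRS):
    """Review every *.plist in the given folders; keep entries with reasons."""
    findings = []
    for directory in (Path(d).expanduser() for d in directories):
        if directory.is_dir():
            for plist_file in sorted(directory.glob("*.plist")):
                name, program, reasons = review_agent(plist_file)
                if reasons:
                    findings.append((name, program, reasons))
    return findings

if __name__ == "__main__":
    for name, program, reasons in audit():
        print(f"{name}: {program or '-'} -> {'; '.join(reasons)}")
```

A flagged entry is a prompt for a closer look, not a verdict: legitimate software sometimes trips these checks, and an entry that passes them is not thereby proven benign.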