Common Windows malware can now infect Macs

A common form of malware on Windows systems has been changed to a new strain called “XLoader” which can also target macOS (via Beeping computer).

Derived from the Formbook information thief for Windows, XLoader is a form of cross-platform malware touted as a botnet with no dependencies. It is used to steal login credentials, capture screenshots, record keystrokes, and execute malicious files. The malware was discovered by security researchers at Check Point Software.

A server hosting the macOS version of XLoader is available to bad actors on the dark web for $ 49 per month. Check Point followed XLoader for a period of six months, receiving requests from 69 countries indicating high usage around the world. More than half of the victims were based in the United States.

Formbook continues to be a widespread threat, being part of over 1,000 malware campaigns over the past three years, and XLoader is expected to have even wider use given its cross-platform capability and higher level of sophistication. .

Check Point’s head of cyber research, Yaniv Balmas, said the growing popularity of macOS has exposed it to growing attention from cybercriminals, who see the platform as an interesting target.

While there may be a gap between Windows and macOS malware, the gap is slowly narrowing over time. The truth is, macOS malware is getting bigger and more dangerous.

According to Check Point, XLoader is stealthy enough to stay hidden from most users. It is possible to verify its presence by using macOS Autorun to verify the username in the operating system and search in the LaunchAgents folder, where entries with suspicious file names should be removed.