
UpdateAgent malware variant impersonates legitimate macOS software – HackRead

22/10/2021 22:02:17
in Technology

The new variant of the UpdateAgent malware is also capable of removing adware against macOS.

Computer security researchers at Microsoft Security Intelligence have discovered a new variant of the UpdateAgent (aka WizardUpdate) malware that targets Mac devices. UpdateAgent was initially discovered in November 2020 targeting macOS.

New variant, new capabilities, new adware

In a series of tweets, Microsoft explained that the variant is equipped with new features, including increased persistence and evasion tactics. This indicates that the malware is not only difficult to detect, but also difficult to eliminate.

The malware also abuses public cloud infrastructure to host additional payloads. For example, during an infection, UpdateAgent installs new adware called Adload.

According to the researchers, although the malware collects and sends system information to a C2 server, one of the most notable additions to the malware’s capabilities is its ability to bypass Apple’s Gatekeeper security feature. It does this by removing the quarantine attributes from the downloaded file.

The screenshot below shows the evolution of Trojan:MacOS/UpdateAgent.B (aka WizardUpdate):

FYI, Gatekeeper is the backbone of macOS security, as it verifies downloaded apps and enforces code signing before allowing them to run on MacBooks. This reduces the possibility of running malware.

However, like the OSX/Dok malware, UpdateAgent also bypasses the Gatekeeper security feature, making it a persistent threat.

The malware also exploits existing user permissions to create folders on the affected device. It uses PlistBuddy to create and modify plists in LaunchAgent/LaunchDaemon for persistence. It then covers its tracks by removing the folders, files and other artifacts it created, researchers tweeted.
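As an added illustration (not from Microsoft's report or the original article), the two behaviours described above, quarantine-attribute removal and PlistBuddy edits under LaunchAgents/LaunchDaemons, can be hunted for in process-execution telemetry. The event format, the sample lines and the assumption that the attribute is removed with the xattr tool are constructed for this example.

```python
import shlex
from pathlib import PurePosixPath

QUARANTINE_ATTR = "com.apple.quarantine"
PERSISTENCE_DIRS = ("/Library/LaunchAgents/", "/Library/LaunchDaemons/")
PLIST_WRITE_VERBS = {"add", "set", "merge", "import", "copy"}

def classify(cmdline):
    """Return a finding label for one process command line, or None."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes: cannot tokenize safely
        return None
    if len(argv) < 2:
        return None
    tool, args = PurePosixPath(argv[0]).name, argv[1:]
    if tool == "xattr":
        # Collapse short options so "-rd" and "-r -d" are treated alike.
        flags = "".join(a[1:] for a in args if a.startswith("-"))
        if "c" in flags or ("d" in flags and QUARANTINE_ATTR in args):
            return "quarantine-removed"
    elif tool == "PlistBuddy":
        # PlistBuddy takes edit commands via -c and the plist path last.
        verbs = {args[i + 1].split()[0].lower()
                 for i, a in enumerate(args[:-1])
                 if a == "-c" and args[i + 1].split()}
        if verbs & PLIST_WRITE_VERBS and any(d in args[-1] for d in PERSISTENCE_DIRS):
            return "launchd-plist-write"
    return None

def scan(events):
    """events: 'time<TAB>user<TAB>cmdline' lines -> [(time, user, label)]."""
    findings = []
    for line in events:
        time, user, cmdline = line.rstrip("\n").split("\t", 2)
        if (label := classify(cmdline)):
            findings.append((time, user, label))
    return findings

# Constructed sample events (hypothetical paths and names, not from the report).
SAMPLE_EVENTS = [
    "10:01:02\talice\t/usr/bin/xattr -l /Users/alice/Downloads/notes.pdf",
    "10:03:10\talice\t/usr/bin/xattr -rd com.apple.quarantine /tmp/example/Installer.app",
    "10:03:12\talice\t/usr/libexec/PlistBuddy -c 'Add :RunAtLoad bool true' /Users/alice/Library/LaunchAgents/com.example.agent.plist",
    "10:06:00\troot\t/usr/libexec/PlistBuddy -c 'Print :Label' /Library/LaunchDaemons/com.example.daemon.plist",
]

if __name__ == "__main__":
    print(scan(SAMPLE_EVENTS))
```

Read-only calls (xattr -l, PlistBuddy Print) are deliberately not flagged, so the two findings that remain are the ones worth correlating by user and time.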

UpdateAgent malware impersonates legitimate software

The modus operandi of the new variant is to pretend to be legitimate software. As of yet, Microsoft has not disclosed precisely which software is spoofed by the malware. However, the company believes the new variant is being distributed via drive-by downloads.

A drive-by download attack refers to the unintentional downloading of malware or malicious code by users to their computers. Simply put: software downloaded with the user’s permission without understanding the consequences (a virus mimicking game mods, for example) is called a drive-by download.

New variant of UpdateAgent Mac malware

How to protect your Mac devices from cyber attacks?

Most software for macOS comes with a premium charge, so it’s easy to trick unsuspecting users into downloading malware by masquerading as legitimate software. That is why it is important to refrain from downloading pirated programs or software from third-party websites/marketplaces.

Nevertheless, since Mac devices are constantly subject to cyber attacks, it is essential that users master the art of protecting their devices. Here are some simple tips to follow:

  • Use VPN software
  • Disable remote connection
  • Use two built-in firewalls
  • Disable automatic user login
  • Update your Mac OS X regularly
  • Install reliable antivirus software for Mac
  • Configure Gatekeeper to block digitally unsigned apps
  • Disable Java and automatic downloads in the Safari browser.
