
This $49 malware has the potential to steal all of your Mac data


Security researchers from Check Point Research have identified several new strains of malware in the wild that have evolved to steal data from macOS users.

This new malware strain has been dubbed “XLoader” and is a descendant of the infamous Formbook malware, which has been active for more than five years at this point. Even though Formbook was originally intended to be a simple keylogger, cybercriminals quickly recognized its potential as a universal tool, prompting the product's creator to temporarily suspend sales before re-launching it under the name XLoader.

While Formbook was previously used to target primarily Windows users, its rebranding as XLoader last year added a number of new capabilities, including the ability to target users of Mac computers.

What makes XLoader particularly dangerous is that a license for the malware can be purchased on the Dark Web for as little as $49. An XLoader license gives cybercriminals the ability to harvest log-in credentials, collect screenshots, log keystrokes, and execute malicious files on the victim's computer, among other things.

XLoader malware

In a study conducted between December of last year and June of this year, Check Point Research discovered that more than half (53 percent) of the victims infected with the malware reside in the United States. China was the next most affected country, with nine percent of the total. Mexico and Germany followed with five percent and three percent of the total respectively.

Given that XLoader is spread through spam emails that contain malicious files, Check Point Research recommends that users avoid opening suspicious email attachments and visiting suspicious websites, and that they use malware removal software, in order to keep their Mac or PC from being infected.

However, if you believe your system has been infected, the cybersecurity firm recommends that ordinary users consult a security professional, because XLoader is stealthy and difficult to detect.

Users with more experience can run Autorun on their Macs, check their username in the operating system, navigate to the /Users/[username]/Library/LaunchAgents directory, and search for suspicious filenames to determine whether they are infected. Removing any suspicious files found there should remove XLoader as well, though this method is not recommended for inexperienced users.
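One way to carry out the LaunchAgents check described above, as an added example that is not from Check Point Research or the original article: the script parses each plist in a LaunchAgents directory and reports entries worth a manual look, without deleting anything. The two heuristics (a random-looking filename, a program launched from a hidden directory) and all sample names are assumptions chosen for illustration, not XLoader indicators from the report.

```python
import plistlib
import tempfile
from pathlib import Path

def looks_random(name):
    """Heuristic (assumption): a dot-separated part of 8+ chars mixing upper, lower, digits."""
    return any(len(p) >= 8 and any(c.isupper() for c in p) and any(c.islower() for c in p)
               and any(c.isdigit() for c in p) for p in name.split("."))

def review_agent(plist_path):
    """Return the reasons a LaunchAgent plist deserves a manual look (empty list if none)."""
    try:
        with open(plist_path, "rb") as fh:
            job = plistlib.load(fh)
        args = job.get("ProgramArguments") or [job.get("Program", "")]
    except Exception:
        return ["plist could not be parsed"]
    reasons = []
    if looks_random(Path(plist_path).stem):
        reasons.append("random-looking filename")
    program = str(args[0])
    # Heuristic (assumption): a program launched from a hidden directory is unusual.
    if any(part.startswith(".") and part != ".." for part in Path(program).parts):
        reasons.append("program in hidden directory: " + program)
    return reasons

def scan(agents_dir):
    """Map each flagged .plist filename in agents_dir to its list of reasons."""
    results = {p.name: review_agent(p) for p in sorted(Path(agents_dir).glob("*.plist"))}
    return {name: reasons for name, reasons in results.items() if reasons}

def demo():
    """Scan two constructed plists (sample data, not real indicators) in a temp directory."""
    samples = {
        "com.example.updater.plist": ["/Applications/Example.app/Contents/MacOS/updater"],
        "com.qT7xLw2RzK9b.Vn4HpY8sDe1f.plist": ["/Users/alice/.qT7xLw2RzK9b/helper", "start"],
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, argv in samples.items():
            job = {"Label": name[:-6], "ProgramArguments": argv, "RunAtLoad": True}
            with open(Path(tmp) / name, "wb") as fh:
                plistlib.dump(job, fh)
        return scan(tmp)

if __name__ == "__main__":
    for name, reasons in scan(Path.home() / "Library" / "LaunchAgents").items():
        print(name, "->", "; ".join(reasons))
```

A flagged entry is only a prompt for review: legitimate software can trip either heuristic, and an unflagged directory does not prove a clean system.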

Yaniv Balmas, head of cyber research at Check Point Software, explained why cybercriminals are increasingly targeting Mac users, stating:

“While there may be a distinction between malware for Windows and malware for MacOS, that distinction is gradually closing over time. The fact of the matter is that MacOS malware is becoming more widespread and dangerous. Our most recent findings serve as an excellent illustration and confirmation of this growing trend. In light of the increasing popularity of MacOS platforms, it is understandable that cyber criminals would show increased interest in this domain, and I personally expect to see an increase in cyber threats based on the Formbook malware family in the future. I would think twice before opening any attachments from emails that I receive from senders that I am unfamiliar with.”
