XLoader Malware – A Formbook Offshoot Now Spreading Over Mac Computers
The infamous Formbook info stealer has spawned a new malware strain capable of infecting MS Windows-based machines and macOS devices. Dubbed XLoader, the nasty threat can record keystrokes, make screenshots, and harvest whatever sensitive data it comes across. If this were not enough, the hackers in charge are currently selling Xloader on the Dark Web for $49.00 to make it as widely accessible as it gets. However, there’s a bright side — you will not suffer an infection unless you open the compromised email attachment that contains the malware.
Table of Contents
A Manual Trigger
Although XLoader may have the potential to reach many crooks willing to exploit them, their impact remains somewhat limited because of their architecture. To trigger an XLoader infection, the guy(s) in charge will have to place the malware into a text document, spend it via email to potential victims, hoping that the latter will open the compromised email attachment to launch the infection. In brief, malware execution is only possible via a mouse click in the wrong place. Even if you were to receive an XLoader-laden spam email in your inbox, your machine would remain intact as long as you stay away from that email.
XLoader Features
Hackers who pay $49.00 to get XLoader can exploit the malware to exfiltrate login credentials, log keystrokes, gather screenshots, and, most likely, execute additional malware. Security researchers believe XLoader to have attacked devices in as many as 69 countries over the first few months of its life cycle. While more than half of all recorded instances took place in the United States, no Mac user is immune to an XLoader infection, regardless of their geographical location.
Bridging the Gap
Although Mac-tailored threats are by no means as frequent as their Windows-targeted counterparts, they are slowly gaining in. XLoader is just one of many other recent and past macOS-related parasites and emphasizes the need for greater attention among the growing number of Mac users across the globe. Apple's growing popularity is bound to pique hackers' interest in developing increasingly sophisticated malware to cover a more significant portion of computer users in the years to come.
Check If You’ve Got an XLoader Infection
XLoader can quickly go unnoticed on your system. That is why you'd be better of checking your Mac for suspicious files regularly. To see whether XLoader has found shelter in your system, go to your LaunchAgents directory. If you come across any suspicious-looking and oddly-named files there, chances are they may derive from XLoader or other malware of similar caliber. Remove any random-named files that should not be there. Last but not least, never forget to avoid phishing websites and spoofed emails if you wish to reduce the risk of malware infection to a minimum.