XLoader malware attacks Mac users, collects login information, takes screenshots
According to CPR, XLoader is a new strain of the well-known Formbook malware, which mainly targets Windows users. However, as of 2018 Formbook is no longer for sale by its author on the dark web.
In 2020, Formbook returned under a new name, XLoader. Over the past 6 months, XLoader has been rampant and no longer targets only Windows. XLoader caught CPR by surprise when it hit Mac users as well.
Another notable point is that XLoader is sold on the Darknet for as little as 49 USD. Attackers who buy XLoader can deploy it to collect logins, take screenshots, log keystrokes, and run other malicious files.
Victims are tricked into downloading XLoader through fake emails that include Microsoft Office documents containing malicious code.
CPR said that Mac owners are often complacent, assuming that macOS is more secure than Windows and therefore hard to infect with malicious code. However, more and more malware now targets macOS, and it is increasingly dangerous.
macOS is becoming more popular, so cybercriminals are increasingly interested in the platform. After XLoader, there will be other malware targeting Mac users.
To check if your Mac is infected with XLoader, you can follow these steps:
- Open the directory: /Users/[username]/Library/LaunchAgents
- Check this directory for files with suspicious names, for example a file with a random name like this: /Users/user/Library/LaunchAgents/com.wznlVRt83Jsd.HPyT0b4Hwxh.plist
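The check above can be scripted. The following is an added example, not part of the original article or CPR's report; the function names and the "random-looking name" heuristic are assumptions, and a flagged file is only a candidate for manual review.

```shell
#!/bin/sh
# Added example: list LaunchAgents plists whose file names look randomly
# generated, like the sample name in the article.
# Assumed heuristic: a dot-separated part of the name that is 10+ characters,
# letters and digits only, and mixes lower case, upper case and digits.
LC_ALL=C; export LC_ALL     # make the [a-z] / [A-Z] ranges byte-exact

looks_random() {            # $1 = one dot-separated part of the file name
  [ "${#1}" -ge 10 ] || return 1
  case $1 in *[!A-Za-z0-9]*) return 1 ;; esac
  case $1 in *[a-z]*) ;; *) return 1 ;; esac
  case $1 in *[A-Z]*) ;; *) return 1 ;; esac
  case $1 in *[0-9]*) ;; *) return 1 ;; esac
}

suspicious_agents() {       # $1 = directory; prints one flagged path per line
  for f in "$1"/*.plist; do
    [ -e "$f" ] || continue             # directory missing or empty
    rest=$(basename "$f" .plist)
    while [ -n "$rest" ]; do            # walk the name part by part
      part=${rest%%.*}
      if looks_random "$part"; then printf '%s\n' "$f"; break; fi
      case $rest in *.*) rest=${rest#*.} ;; *) rest= ;; esac
    done
  done
}

describe_agent() {          # macOS only: show what the agent is set to launch
  [ -x /usr/libexec/PlistBuddy ] || return 0
  /usr/libexec/PlistBuddy -c 'Print :ProgramArguments' "$1" 2>/dev/null ||
    /usr/libexec/PlistBuddy -c 'Print :Program' "$1" 2>/dev/null || true
}

# Scan the current user's LaunchAgents directory named in the steps above.
suspicious_agents "$HOME/Library/LaunchAgents" | while IFS= read -r hit; do
  echo "Review manually: $hit"
  describe_agent "$hit"
done
```

Legitimate software can also use mixed-case names with digits, so check the program each flagged agent launches before removing anything.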
As with other malware, to reduce the risk of XLoader infection you should avoid visiting untrusted websites and be careful with attachments.