
Possible Russian hacker network may be responsible for new MacOS malware

A particularly virulent form of cyberattack was identified when the Stuxnet malware wreaked havoc at Iran’s nuclear processing facilities. Discovered in 2010, the attack resulted in the creation of a new term, “advanced persistent threat” (APT), to designate a cyberattack that is intended to break into a particular target and work over a long period of time at stealing data or breaking down infrastructure.

But the Stuxnet attack was not the first example of an APT. Another, a hacker network dubbed APT28 and linked by some sources with Russian government or criminal elements, has been at work since 2007 targeting a number of industries and sectors in Ukraine, Spain, Russia, Romania, the U.S., and Canada. Anti-malware software company Bitdefender generated a report on APT28 in 2016 and has provided an update on its Bitdefender Labs blog connecting it to new MacOS malware.


The specific malware, called Xagent, is cross-platform software that also attacks iOS devices to steal contact and location information, app lists, photos, and more. The MacOS version of Xagent is aimed at gaining access to passwords, taking screenshots, and, most important, breaking into iPhone backups to grab the same data as the iOS version.


Bitdefender has now connected the MacOS version of Xagent with APT28: “Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the MacOS binary that currently forms the object of our investigation. For once, there is the presence of similar modules, such as FileSystem, KeyLogger and RemoteShell, as well as a similar network module called HttpChanel.”

In addition, the Xagent sample that Bitdefender’s researchers examined connects to the same command-and-control web address used by APT28. Bitdefender is still conducting its analysis, but at least initially it appears that APT28 operators may now have a new tool — compromised MacOS machines — to use in attacking government agencies, political figures, telecommunications, e-crime services, and aerospace companies.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…