Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

This MacOS Trojan stealthily lifts your data, says Microsoft

You might think that your Mac is invulnerable to viruses and other security threats, but you might want to think again. As part of its commitment to intelligence sharing and collaboration, Microsoft recently exposed the evolution of a MacOS Trojan that can stealthily lift your personal data.

First spotted in September 2020, Microsoft says this piece of malware, known as UpdateAgent,  has increasingly progressed to “sophisticated capabilities.” Though it also indicated that the latest two versions are still more “refined,” Microsoft does warn that the malware is again being developed, and more updates could come soon.

Related Videos
MacBook on a chair with the TV app on the screen.

It is so bad, that Microsoft believes this malware can be leveraged to fetch more dangerous payloads beyond just the adware that it is already injecting into victim machines.

But how does it work? Per Microsoft, the UpdateAgent malware can impersonate real software, and then take Mac functionalities under its own control. It is usually first installed to victim Macs by automated downloads without a user’s consent, or advertisement pop-ups, which impersonate video applications and support agents. UpdateAgent can even bypass Gatekeeper, which usually makes sure that only trusted apps can run on Macs. The Malware then takes over a machine and performs malicious acts like injecting adware.

Microsoft worked with Amazon Web Services to pull the URLs used by UpdateAgent to inject adware, but the UpdateAgent campaign has steadily evolved. It went from basic information stealer in December 2020, to the ability to fetch and deliver .DMG files in February 2021, to being able to fetch and deliver .ZIP files in March 2021.

Later in August, the malware expanded its reconnaissance function to scan and collect System_profile and SPHardwaretype information from victim machines. At its worst point in August, the malware even used permissions and wrote its own code to trick Gatekeeper into thinking it’s not even there.

“UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns,” Microsoft said Microsoft.

Microsoft wasn’t clear which versions of MacOS are impacted by UpdateAgent, but it did have some advice that goes beyond using antivirus software. It pointed to using the Microsoft Edge browser, which can block and scan for malicious websites. Other tips include restricting access to privileged resources, installing apps only from the app store, and running the latest versions of MacOS and other applications.

Editors' Recommendations

Ranking all 12 versions of Windows, from worst to best
Windows 7 desktop.

You can tell a person's age by which version of Windows is their favorite. I have fond memories of XP and Windows 98 SE, so you can take a guess at mine, but I have colleagues who are much more enamored with Windows 7, or Windows 95. We all have something disparaging to say about Windows 8 though, and the less said about Windows Vista the better.

Ranking the different versions of Windows is about more than what era of computing you grew up in, though. There are some very serious duds in Microsoft's back catalog, just as there are a few wins too. But whether you can look back on some of Microsoft's disastrous releases with rose-tinted glasses, or have some genuine love for Microsoft's missteps, here's every version of Windows ranked from best to worst.
12. Windows ME

Read more
If you use this free password manager, your passwords might be at risk
Office computer with login asking for password and username.

Researchers have just found a flaw within Bitwarden, a popular password manager. If exploited, the bug could give hackers access to login credentials, compromising various accounts.

The flaw within Bitwarden was spotted by Flashpoint, a security analysis firm. While the issue hasn't received much -- or any -- coverage in the past, it appears that Bitwarden was aware of it all along. Here's how it works.

Read more
MacGPT: how to use ChatGPT on your Mac
The MacGPT app for macOS Monterey and Ventura.

Apple might not officially be in the AI space, but a developer has created a legitimate way to bring ChatGPT to macOS and make the chatbot accessible from your menu bar.

The aptly named MacGPT is an application developed by Jordi Bruin that allows you to install ChatGPT as a remote browser on your Mac desktop. The application has been available since the 2022 holiday season and has garnered over 370 ratings, many of which are five stars. MacGPT is currently free, however, Bruin accepts donations. Once out of beta, he will make MacGPT available at the App Store, where it will sell for $5.

Read more