"New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App"

A new variant of the macOS malware XLoader has emerged, disguising its malicious capabilities as an office productivity app called OfficeNote. According to an analysis by SentinelOne security researchers, the new version of XLoader is packaged within a standard Apple disk image named "OfficeNote[.]dmg." The application it contains is signed with the developer signature "MAIT JAKHU (54YDV8NU9C)." XLoader, discovered in 2020, is considered the successor to Formbook. It is an information stealer and keylogger distributed under the Malware-as-a-Service (MaaS) model. In July 2021, a macOS variant of the malware emerged, distributed as a Java program in the form of a compiled .JAR file. This article continues to discuss the new variant of the XLoader macOS malware.

THN reports "New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App"


 
