XLoader Malware Infects Macs Now: Record Keystrokes, Screenshots, and More

XLoader malware has been extended to attack Mac computers after previously being limited to Windows devices. It is an evolution of the malware known as FormBook, and it allows the attacker to record keystrokes, capture screenshots, and access other private information.

Worryingly, the malware is sold on the dark web for $49, allowing anyone to deploy it against Windows and Mac users. It requires user action to run: attackers usually send an email carrying the malware in attached documents, such as Microsoft Office files.

Experts at the popular security firm Check Point Research have found a new strain of malware that has evolved to steal information from macOS users.

The new strain, called “XLoader”, is derived from the famous “FormBook” malware family, which primarily targeted Windows users. FormBook disappeared in 2018 and resurfaced as “XLoader” in 2020.

Over the past six months, security experts have studied the activities of “XLoader”, and they were surprised to find that it targets not only Windows users but also Mac users.

Hackers can buy this software cheaply on the dark web, gaining the ability to obtain login credentials, collect screenshots, log keystrokes, and run malicious files.

This poses a potential threat to all Mac users (Apple estimated that more than 100 million Macs were in use in 2018). XLoader remains hidden on the device, which makes it difficult to tell whether a Mac is infected with it.

As with any malware, you can reduce your risk of infection by avoiding untrustworthy websites and being careful with attachments. Never open an attachment unless you know the sender and are expecting it, because it is common for attackers to spoof an email address.

Yaniv Balmas, head of cyber research at Check Point, said that this discovery will negatively affect Mac owners. Historically, malicious macOS programs have not been common; they usually fall into the “spyware” category and do not cause much harm.

There is a common misconception among macOS users that Apple platforms are more secure than other widely used platforms, and while there may be a gap between malware for Windows and macOS, the gap is narrowing slowly over time.

The truth is that macOS malware is becoming more and more dangerous, and the recent findings by researchers are an excellent example that confirms this growing trend. With the increasing popularity of macOS platforms, it makes sense that cybercriminals are showing more interest in this area. More cyber threats are likely to follow the FormBook family of malware.