A highly popular malware for stealing information from Windows has been modified into a new strain called XLoader, which can also target superior macOS systems.
XLoader is currently being offered on an underground forum as a botnet loader service that can “recover” passwords from web browsers and some email clients (Chrome, Firefox, Opera, Edge, IE, Outlook,Thunderbird, Foxmail).
Derived from the Formbook info-stealer for Windows, XLoader emerged last February and has grown in popularity, advertised as a cross-platform (Windows and macOS) botnet with no dependencies.
The connection between the two malware pieces was confirmed after a member of the community reverse-engineered XLoader and found that it had the same executable as Formbook…
Yaniv Balmas, Head of Cyber Research at Check Point Software, says that XLoader is “is far more mature and sophisticated than its predecessors [i.e. Formbook].”
macOS’s growing popularity exposed it to unwanted attention from cybercriminals, who are now seeing the OS as an attractive target.
MacDailyNews Take: Windows is the Typhoid Mary of the internet.