Common Windows malware migrates to Mac

A highly popular malware for stealing information from Windows has been modified into a new strain called XLoader, which can also target superior macOS systems.

Common Windows malware migrates to Mac

Ionut Ilascu for Bleeping Computer:

XLoader is currently being offered on an underground forum as a botnet loader service that can “recover” passwords from web browsers and some email clients (Chrome, Firefox, Opera, Edge, IE, Outlook,Thunderbird, Foxmail).

Derived from the Formbook info-stealer for Windows, XLoader emerged last February and has grown in popularity, advertised as a cross-platform (Windows and macOS) botnet with no dependencies.

The connection between the two malware pieces was confirmed after a member of the community reverse-engineered XLoader and found that it had the same executable as Formbook…

Yaniv Balmas, Head of Cyber Research at Check Point Software, says that XLoader is “is far more mature and sophisticated than its predecessors [i.e. Formbook].”

macOS’s growing popularity exposed it to unwanted attention from cybercriminals, who are now seeing the OS as an attractive target.

MacDailyNews Take: Windows is the Typhoid Mary of the internet.


  1. Windows is the COVID-19 of the internet.

    MacOS is the vaccine. You can still get infected but the symptoms are minor.

    Also don’t use the password protection of your browser, use 1password, or better still, keychain access.

  2. I suspect Apple will find a way to prevent this from working in the next Mac OS updates.. And they may find a workaround to continue to break in..

    Ultimately however if you just don’t browse questionable sites, click on links in phishing emails, They are usually relatively obvious, and perhaps as noted, use other password managers, you’ll probably be fine.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.