Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities."

The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

"The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent's ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads," the researchers said.

The actively in-development malware is said to be propagated via drive-by downloads or advertisement pop-ups that masquerade as legitimate software like video applications and support agents, even as the authors have made steady improvements that have transformed UpdateAgent into a progressively persistent piece of malware.

Chief among the advancements include the capability to abuse existing user permissions to surreptitiously perform malicious activities and circumvent macOS Gatekeeper controls, a security feature that ensures only trusted applications from identified developers can be installed on a system.

In addition, UpdateAgent has been found to take advantage of public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its second-stage payloads, including adware, in the form of .DMG or .ZIP files.

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users' internet traffic through the attacker's servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

"UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns," the researchers cautioned.

More info

• Hack Tools Online
• How To Install Pentest Tools In Ubuntu
• World No 1 Hacker Software
• Hack App
• Hacker Tools Hardware
• Hacker Tools Online
• Beginner Hacker Tools
• Hacker Security Tools
• Hacker Tools For Ios
• Physical Pentest Tools
• Pentest Tools Url Fuzzer
• Hacking App
• Hacking Tools Free Download
• Hacker Tools Windows
• Hacker Tools For Mac
• Pentest Tools For Windows
• Hacker Tools Linux
• Pentest Tools
• Beginner Hacker Tools
• Best Hacking Tools 2020
• Hack Tools For Mac
• Pentest Box Tools Download
• Hacker Tool Kit
• Hack Website Online Tool
• Wifi Hacker Tools For Windows
• Beginner Hacker Tools
• What Are Hacking Tools
• Free Pentest Tools For Windows
• Pentest Tools For Mac
• Pentest Tools Download
• Hacking Tools Windows
• Hacker Hardware Tools
• Hacker Tools Hardware
• Hacker Tools Linux
• Hacking Tools Github
• Pentest Tools Free
• Nsa Hack Tools Download
• Hacker Tools Apk
• Hack Tools Download
• Pentest Tools For Mac
• Growth Hacker Tools
• Tools Used For Hacking
• Physical Pentest Tools
• Game Hacking
• Hacker Hardware Tools
• Pentest Tools Nmap
• Hacking Tools And Software
• Best Hacking Tools 2020
• Pentest Tools Online
• Pentest Tools For Android
• Hack Tool Apk No Root
• Hack Tools
• Hacking Tools For Kali Linux
• Hacker Tool Kit
• Black Hat Hacker Tools
• Pentest Tools Apk
• Usb Pentest Tools
• Usb Pentest Tools
• Hack Tools
• Hacking Tools For Kali Linux
• What Is Hacking Tools
• Pentest Tools Download
• Hacker Tools Online
• Beginner Hacker Tools
• Hack Apps
• What Are Hacking Tools
• Hacking Tools Online
• Hack Tools For Mac
• Hack And Tools
• Hacker Tools For Ios
• Pentest Tools Linux