Skip to main content
  1. Home
  2. Computing
  3. News

Possible Russian hacker network may be responsible for new MacOS malware

By
Add as a preferred source on Google

A particularly virulent form of cyberattack was identified when the Stuxnet malware wreaked havoc at Iran’s nuclear processing facilities. Discovered in 2010, the attack resulted in the creation of a new term, “advanced persistent threat” (APT), to designate a cyberattack that is intended to break into a particular target and work over a long period of time at stealing data or breaking down infrastructure.

But the Stuxnet attack was not the first example of an APT. Another, a hacker network dubbed APT28 and linked by some sources with Russian government or criminal elements, has been at work since 2007 targeting a number of industries and sectors in Ukraine, Spain, Russian, Romania, the U.S., and Canada. Anti-malware software company Bitdefender generated a report on APT28 in 2016 and has provided an update on its Bitdefender Labs blog connecting it to new MacOS malware.

Recommended Videos

The specific malware, called Xagent, is cross-platform software that also attacks iOS devices to steal contact and location information, apps lists, photos, and more. The MacOS version of Xagent is aimed at gaining access to passwords, taking screenshots, and most important breaking into iPhone backups to grab the same data as the iOS version.

Bitdefender has now connected the MacOS version of Xagent with APT28: “Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the MacOS binary that currently forms the object of our investigation. For once, there is the presence of similar modules, such as FileSystem, KeyLogger and RemoteShell, as well as a similar network module called HttpChanel.”

In addition, the Xagent sample that Bitdefender’s researchers examined connect to the same command-and-control web address that’s the same as the ones used by APT28. Bitdefender is still conducting its analysis but at least initially it appears that APT28 operators may now have a new tool — compromised MacOS machines — to use in attacking government agencies, political figures, telecommunications, ecrime services, and aerospace companies.

Mark Coppock
Mark Coppock
Former Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
Topics
Macbook Neo stress test shows Apple could’ve made it run cooler with a simple fix
This simple mod makes the MacBook Neo faster.
Apple MacBook Neo with users hands on it

Apple's MacBook Neo arrived as a shock to the industry. It is the new cheap MacBook that is designed to be silent, efficient, and affordable. But a new stress test suggests that it could have been noticeably better with a very simple change.

As per a recent test, the addition of a basic copper plate to the cooling setup can improve both thermals and performance by a meaningful margin. And the frustrating part? It isn't some complex engineering overhaul and is relatively straightforward.

Read more
The Mac Pro is dead at Apple, and I’ll miss the cheese-grater powerhouse
RIP Mac Pro. The Mac Studio is taking the throne, and we're okay with that.
Electronics, Computer, Pc

Apple has officially discontinued the Mac Pro. It’s been removed from Apple’s website, and Apple has confirmed to 9to5Mac that there are no plans to release a future version. The buy page now redirects to Apple’s Mac homepage, where the Mac Pro no longer exists.

Why did Apple kill the Mac Pro?

Read more
March Madness, Revisited: The AI Model Did Well. But Mad Things Still Happen
Stills from NCAA games.

(NOTE: This article is part of an ongoing series documenting an experiment with using AI to fill the NCAA brackets and see how it fares against years of human experience. The original article is as follows.)

A week ago, I wrote about entering an NCAA tournament pool with a more disciplined process than I usually use.

Read more