Beware of 'OfficeNote' - Apple Mac malware in disguise available on Dark Web
Beware: XLoader malware returns as an "OfficeNote" app on Apple Macs. Know how to protect your Mac from this sneaky threat.
A fresh Mac threat has emerged, and it's a revamped version of the notorious XLoader malware. This time, it's disguised as a productivity app called "OfficeNote." Here's what you need to know to keep your Mac secure.
XLoader: A Brief Background
XLoader has been causing trouble since 2015, but it usually targets Windows PCs. In 2021, a macOS version appeared, but it was distributed as a Java program, which was not very potent against Macs. Now, a new version of XLoader has surfaced, written in programming languages C and Objective C, according to a Tom's Guide report. What's more, it's signed with an Apple developer signature, making it appear legitimate.
How the Malware Spreads
Hackers have become quite clever. Instead of sending phishing emails with malware attachments, they're disguising XLoader as a fake productivity app named "OfficeNote." This deceptive tactic can trick unsuspecting Mac users into downloading it.
This malicious version of XLoader is hidden within the OfficeNote app installation file. While it was signed with a developer signature in July, Apple has since revoked it. Strangely, Apple's built-in XProtect malware scanner can't detect this threat.
Expensive and Dangerous
XLoader is sold as a "Malware-as-a-Service" on the Dark Web.Hackers pay its creators to use it in their attacks. The macOS version is more expensive than its Windows counterpart: $199 per month or $299 for three months, compared to $59 per month or $129 for three months, Tom's Guide reveals.
When a Mac user tries to install OfficeNote, they receive an error message, making them think something's wrong with the program. But here's the sneaky part: XLoader secretly installs itself.
What XLoader Does
Once on your Mac, XLoader goes for the kill. It tries to steal passwords and other sensitive data from your clipboard. It also targets Google Chrome and Mozilla Firefox, going after cookies and other browser data. Oddly, it leaves Safari alone.
To stay safe, be cautious about downloading apps from untrusted sources. Stick to the Mac App Store and verified developers. Keep your Mac's software up to date, as Apple frequently releases security patches. Lastly, use reliable antivirus software that can detect and remove threats like XLoader.