Russian Cyberspies Allegedly Linked to Mac Spyware ‘Xagent’
Russian cyberspies known as APT28 have created a Mac version of their famous Xagent malware, which already has versions for Windows, iOS, and Android.
The XAgentOSX malware, as the group calls it, includes several artifacts and shared components that link it to its Windows version, according to Bitdefender and Palo Alto researchers, who discovered attacks where this Mac variant was used. Xagent has previously been used to target Windows, iOS, Android and Linux devices, but Apple’s Mac OS X was thought to be immune to the malware.
The malware can steal passwords, grab screenshots, and download backups of iPhones stored on targeted Macs, as well as execute other malicious code on infected machines. It does this by creating a backdoor, which Bitdefender notes is likely planted on the system by exploiting the Komplex downloader trojan.
According to Bitdefender, the Xagent malware spawned from the same group of Kremlin-linked cyber-espionage specialists, APT28. Last year, the team released the same malware that targets Apple’s mobile devices.
Fortunately, antivirus software can easily deal with this threat. Users who are not accustomed to running antivirus software on a Mac, however, are forewarned. Users are also advised to take extra care when downloading third-party applications from the Internet. Furthermore, because the Xagent malware targets Mac OS X users, upgrading to the newest macOS will most likely get anyone covered.