Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319


This $49 malware could steal all your Mac data

Image Description

Security researchers from Check Point Research have observed a new strain of malware in the wild that has evolved to steal data from MacOS users.

This new strain is named “XLoader” and is derived from the infamous Formbook malware that has been active for over five years. While Formbook was initially created to be a simple keylogger, cybercriminals saw its potential has a universal tool which led its creator to stop sales of the product before relaunching it as XLoader.

While Formbook was used to primarily target Windows users in the past, after its rebranding as XLoader last year, it gained additional capabilities including the ability to target Macs.

What makes XLoader particularly dangerous is the fact that a license for the malware can be purchased on the Dark Web for as little as $49. Cybercriminals who purchase an XLoader license are then equipped to harvest log-in credentials, collect screenshots, log keystrokes and execute malicious files on victim's machines.

XLoader malware

Check Point Research tracked XLoader activity between December of last year and June of this year to discover that over half (53%) of victims infected with the malware reside in the United States. Hong Kong was the second hardest hit at just nine percent followed by Mexico and Germany at five percent and three percent respectively.

As XLoader is spread using spam emails that contain malicious files, Check Point Research recommends that users avoid opening suspicious email attachments, visiting suspicious websites and using malware removal software to avoid having their Mac or PC infected.

However, if you think your system has become infected, the cybersecurity firm says that ordinary users should consult with a security professional as XLoader is stealth in nature and difficult to detect. 

More experienced users can run Autorun on their Macs, check their username in the OS, go to /Users/[username/Library/LaunchAgents directory and look for suspicious filenames to see if they are infected. Removing any suspicious files should then also remove XLoader from your system though this method isn't for the inexperienced.

Head of cyber research at Check Point Software, Yaniv Balmas explained why cybercriminals are increasingly targeting Mac users, saying:

“While there might be a gap between Windows and MacOS malware, the gap is slowly closing over time. The truth is that MacOS malware is becoming bigger and more dangerous. Our recent findings are a perfect example and confirm this growing trend. With the increasing popularity of MacOS platforms, it makes sense for cyber criminals to show more interest in this domain, and I personally anticipate seeing more cyber threats following the Formbook malware family. I would think twice before opening up any attachments from emails I get from senders I don’t know.”


21 Jul 2021



Other Blog

  • How do digital ID tools combat identity theft?

    ID theft has become a serious and widespread problem in recent years.

    Read More
  • Twitter flags tweets with manipulated media in India - This is how it works

    Twitter has put the warning of "manipulated media" on a post by the IT cell chief of India’s ruling party -- an ignominious first for an Indian user’s tweet.

    Read More
  • 5 best Clubhouse alternatives for Android phones

    There are lots of exciting ‘social audio’ apps on the Play Store to enjoy before Clubhouse arrives on Android.

    Read More
  • Nasty WordPress plugin vulnerabilities puts over a million sites at risk

    An improperly implemented security check in the Ninja Forms plugin gave super powers to any logged in user.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us