Dissecting the APT28 Mac OS X Payload whitepaper available

Bogdan BOTEZATU

February 23, 2017

Ever since the emergence in 2007 of the APT28 group, Bitdefender has become familiar with the backdoors used to compromise Windows and Linux targets, such as Coreshell, Jhuhugit and Azzy for the former OS or Fysbis for the latter.

Earlier this month, we were finally able to isolate the Mac OS X counterpart – the XAgent modular backdoor that was supposedly delivered via a known dropper associated with the actor (the Komplex downloader).

The whitepaper we have prepared will walk you through the inner workings of the XAgent backdoor from its initialization stage to the exfiltration of stolen data. Chapter E is a detailed breakdown of the modules that comprise one of the most advanced threats targeting the Mac operating system to date.

You can download the whitepaper from the Industry Reports section on the Bitdefender website.
