Mac Malware Discovered by Bitdefender Is Linked to APT28 Hacker Group, Uses Xagent Tool
Hackers affiliated with the Russian government, who are believed to have hacked the DNC a year ago, are the group behind one of the biggest cyberespionage campaigns. The hackers have been targeting Mac users with malware designed to take passwords and screenshots and to steal iPhone backup data.
ZDNet reported that this malware, found by a cybersecurity analyst at Bitdefender, is thought to be connected to the APT28 group, which was blamed for interfering in the United States presidential race. APT28 is made up mostly of Russian-speaking programmers who work during Russian business hours. Bitdefender stated in a report that the group has focused on Ukraine, Spain, Russia, Romania, the United States, and Canada.
Bitdefender notes various similarities between the malware attacks against Macs, which have been occurring since September 2016. The security company said that APT28 has made a particular backdoor for Mac called Xagent, a new type of malware that targets victims running Mac OS X and installs a hidden backdoor on the system, which enables the attackers to carry out cyberespionage activities.
According to BGR, APT28 is believed to be acting on behalf of the Russian government, which means it is not out to take information from ordinary individuals. Rather, the group is developing tools for a wide range of operating systems, including the one that is regarded as more secure than others.
Hacking an iPhone is more complicated than hacking an Android smartphone, yet getting access to somebody's Mac, which can contain unencrypted iPhone backups, is much easier. Forensic evidence suggests that the Mac OS binary behind Xagent shares identical strings with the Komplex downloader, which was previously used by the APT28 group. This piece of Mac malware might not affect regular Apple computer users, particularly once Apple finds ways to keep it from working. The investigation into Xagent is still ongoing.