noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

WGAE - Writers Guild of America,[...]

Sesame Workshop Writers Reach Tentative Agreement on New Contract
Georgia Department of Public Safety

URGENT APPEAL FOR INFORMATION REGARDING FATAL CRASH IN TIFT COUNTY
Protagonist Therapeutics Inc.

Statement of Changes in Beneficial Ownership - Form 4

Technology

McAfee Corporation

08/03/2021 | Press release | Distributed by Public on 08/03/2021 10:58

3 Tips to Protect Yourself From XLoader Malware

By Vishnu Varadaraj on Aug 03, 2021

Picture this: you open your MacBook and see an email claiming to be from your favorite online store. In the email, there is an attachment with 'important information regarding your recent purchase.' Out of curiosity, you open the attachment without checking the recipient's email address. The next thing you know, your device is riddled with malware.

Unfortunately, this story is not far from reality. Contrary to popular belief, Apple computers can get viruses, and XLoader has Mac users in their sights.

Let's break down XLoader's 's origins and how this malware works.

Where Did XLoader Come From?

XLoader originated from FormBook, which has been active for at least five years and is among the most common types of malware. Designed as a malicious tool to steal credentials from different web browsers, collect screenshots, monitor and log keystrokes, and more, FormBook allowed criminals to spread online misfortune on a budget. Its developer, referred to as ng-Coder, charged $49, a relatively cheap price to use the malware, making it easily accessible to cybercriminals.

Although ng-Coder stopped selling FormBook in 2018, this did not stop cybercriminals from using it. Those who had bought the malware to host on their own servers continued to use it, and in turn, quickly noticed that FormBook had untapped potential. In February 2020, FormBook rebranded to XLoader. XLoader can now target Windows systems and macOS devices.

How XLoader Works

Typically, XLoader is spread via fraudulent emails that trick recipients into downloading a malicious file, such as a Microsoft Office document. Once the malware is on the person's device, an attacker can eavesdrop on the user's keystrokes and monitors. Once a criminal has collected enough valuable data, they can make fake accounts in the victim's name, hack their online profiles, and even access their financial information.

Minimize Your Risk of macOS Malware Attacks

According to recent data, Apple sold 20 millionMac and MacBook devices in 2020. With macOS's growing popularity, it is no surprise that cybercriminals have set their sights on targeting Mac users. Check out these tips to safeguard your devices and online data from XLoader and similar hacks:

1. Avoid suspicious emails and text messages

Hackers often use phishing emailsor text messages to distribute and disguise their malicious code. Do not open suspicious or irrelevant messages, as this can result in malware infection. If the message claims to be from a business or someone you know, reach out to the source directly instead of responding to the message to confirm the sender's legitimacy.  

2. Avoid sketchy websites.

Hackers tend to hide malicious code behind the guise of fake websites. Before clicking on an unfamiliar hyperlink, hover over it with your cursor. This will show a preview of the web address. If something seems off (there are strange characters, misspellings, grammatical errors, etc.) do not click the link.

3. Recruit the help of a comprehensive security solution

Use a solution like McAfee Total Protection, which can help protect devices against malware, phishing attacks, and other threats. It also includes McAfee WebAdvisor - a tool that identifies malicious websites. 

Regardless of whether you use a PC or a Mac, it is important to realize that both systems are susceptible to cyberthreats that are constantly changing. Do your research on prevalent threats and software bugs to put you in a great position to protect your online safety.  

Put Your Mind at Ease With Security Best Practices

XLoader is just the latest example of how the gap between the prevalence of PC versus macOS malware is steadily closing. To better anticipate what threats could be around the corner and how to best combat them, stay updated on all of the latest online safety trends and practice great security habits. This will not only help protect your devices and online accounts but also bring you greater peace of mind.

Stay Updated

To stay updated on all things McAfeeand on top of the latest consumer and mobile security threats, follow @McAfee_Homeon Twitter, subscribe to our newsletter, listen to our podcast Hackable?, and 'Like' us on Facebook.  

Sharing and Personal Tools

Please select the service you want to use: