
XLoader Malware-as-a-Service Now Available for macOS for Only $49

Formbook is an old infostealer, more precisely a form-stealer and keylogger, that has now added Mac users to its target list. Apparently, the malware is being sold for as little as $49 on underground forums, enabling cybercriminals to perform various malicious operations.

Formbook/XLoader Malware: an Easy-to-Use MaaS

The infostealer is not only cheap but it is also easy to use. It comes in the form of malware-as-a-service (MaaS), making it very simple to configure and deploy. The discovery comes from Check Point researchers.

“Formbook is currently one of the most prevalent malware. It has been active for more than 5 years already. Check Point reported in December 2020 that Formbook affected 4% of organizations worldwide and made it to the top 3 list of the most prevalent malware,” the report says. It is noteworthy that a newer strain of the Formbook malware has been detected in the wild. Called XLoader, this newer, rebranded version appeared in 2020, shortly after Formbook disappeared from underground markets.




The original idea of Formbook was for it to be a simple keylogger. However, customers noticed its potential as a universal tool which can be deployed in spam campaigns against organizations worldwide. “As this potential became a reality, the author stopped sales of the product without giving detailed explanations about the motives behind this decision,” Check Point explains.

Shortly after its sudden disappearance, the malware resurfaced in a new shape. XLoader is now offered for sale on a specific underground forum by a different avatar. “XLoader opened up several new opportunities, with the ability to operate in the macOS being one of the most exciting. XLoader’s story is on-going, and judging by the popularity of the malware, shows no signs of ending any time soon,” the report says.

The interest in the malware is quite astonishing. During the 6 months between December 1, 2020 and June 1, 2021, Check Point saw Formbook/XLoader requests from as many as 69 countries, or more than a third of the total 195 countries recognized in the world today.

Previous XLoader Campaign Targeted iOS and Android Users

In 2019, security researchers detected an XLoader campaign set against iOS and Android users. In the case of the Android version, hackers were targeting Twitter user profiles for its C&C operations. The versions for Android and iOS could also gather extensive information, including all kinds of hardware parameters and data that can identify the device owners. The campaign was based on the delivery of fake banking and gaming apps.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
