21 July 21, 11:26
Quote:There’s a new version of the old FormBook form-stealer and keylogger that’s added Mac users to its hit list, and it’s selling like hotcakes on underground markets for as low as $49.
It’s not only cheap; it’s easy. The data stealer is distributed in the form of malware-as-a-service (MaaS) and stands out from competing malware by being drop-dead simple to use, outfitting even code dummies with a multipurpose malware tool.
In a report posted on Wednesday, analysts at Check Point Research (CPR) said that the new strain of FormBook – which mainly targeted Windows users when it first popped up on hacking forums in 2016 – is named XLoader. According to the report, FormBook disappeared from malware markets in 2018, then rebranded to XLoader in 2020.
Over the past six months, XLoader’s been a busy beaver, prolifically targeting Window users but also gnawing on its newfound love: namely, “to CPR’s surprise,” Mac users.
XLoader licenses start at $49: a price that will get even the most inexperienced and poorly funded cyberattackers a tool that they can use to harvest log-in credentials, collect screenshots, log keystrokes and execute malicious files.
Check Point has tracked XLoader requests flooding in from eager attackers in 69 countries. Most of the targets – 53 percent – are in the U.S., including both Mac and Windows users.
Read more: MacOS Being Picked Apart by $49 XLoader Data Stealer | Threatpost