Quote:A swelling wave of AdLoad malware infections in macOS devices is cresting its way past Apple’s on-device malware scanner, researchers said. The campaign is using around 150 unique samples, some of which are signed by Apple’s notarization service.
AdLoad is a well-known Apple threat that’s been circulating for years. It’s essentially a trojan that opens a backdoor on the affected system in order to download and install adware or potentially unwanted programs (PUPs). It’s also capable of gathering and transmitting information about victim machines, such as username and computer name. It’s also been seen hijacking search engine results and injecting advertisements into web pages.
It’s changed up its tactics lately, creating an opportunity to evade on-board security.
“This year we have seen another iteration that continues to impact Mac users who rely solely on Apple’s built-in security control XProtect for malware detection,” Phil Stokes, researcher at SentinelOne’s SentinelLabs, said in a Wednesday posting. “XProtect arguably has around 11 different signatures for AdLoad [but] the variant used in this new campaign is undetected by any of those rules.”
Read more: AdLoad Malware 2021 Samples Skate Past Apple XProtect
![[-]](https://www.geeks.fyi/images/collapse.png)
