A new macOS specific variant of XLoader malware is being delivered disguised as the “OfficeNote” app. XLoader is a malware infostealer and botnet that has been active since 2015. It first appeared as a macOS variant in 2021, written in Java. The malware was limited to targeting environments where Java has been installed. Once executed, the malware shows an error message, while it is installing its malicious payload and persistence agent. XLoader tries to steal information from the user’s clipboard and login credentials saved by Chrome and Firefox browsers. The growing use of macOS devices has heightened their appeal to cybercriminals.
Read more: https://www.helpnetsecurity.com/2023/08/23/xloader-macos-officenote/