
Spies in Russia blamed for producing malware called X-Agent

February 15, 2017

There's more news today, and this time it affects Mac OS X computers and a few Apple devices.

It looks like government spies working for the Kremlin have been blamed for producing malware called X-Agent, which targets potential victims running Mac OS X to steal passwords, take screenshots and exfiltrate iPhone backups stored on Mac and Apple devices.

Initial analysis by internet security software company BitDefender has apparently uncovered some links to the APT-28 cyber espionage group, elsewhere identified as a Russian military intelligence (GRU) unit working from the Kremlin and other locations.

That group was blamed for 2016's infamous attack on the U.S. Democratic Party, an earlier attack on the German Bundestag, and a few more.

The latest malware features the same dropper/downloader and similar command and control centre URLs, as well as the same artefacts hardcoded in the binary files as had been seen in previous strains linked to APT28, aka Fancy Bear.

Analysis of the Xagent malware reveals several modules that can probe the system for hardware and software configurations, obtain a list of running processes and then run additional files.

It is reported that Xagent can also take desktop screenshots and harvest browser passwords in clear text.

The most important module from an intelligence-gathering perspective is the one that allows the operator(s) to exfiltrate iPhone backups stored on compromised Mac computers and some Apple devices.

BitDefender's previous research into the APT-28 malware can be found on its website. We'll keep you updated.

Source: BitDefender.

Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer