AdLoad malware slipping through Mac security
Posted by: GuidePoint Security
Published 08/19/21 at 9:00 AM
A new trojan variant dubbed AdLoad is bypassing existing Mac security. While the malware itself has been around since 2017, researchers have observed the current variant increasingly targeting Mac systems since late 2020. Once a system is infected, the malware installs a man-in-the-middle (MITM) web proxy to hijack search engines and inject adware into web pages. The malware can also gain persistence by installing LaunchAgents and LaunchDaemons.
Of the 220 samples observed by researchers, 150 of them were undetected by Apple’s built-in antivirus component. According to researchers, many of the samples had valid signatures, and several had been “blessed by Apple’s notarization service.”
Next Steps
Because a number of the AdLoad malware variants have been in circulation for a while and remain undetected by Mac antivirus components, security professionals advise incorporating advanced endpoint security into corporate defenses.