Mar 19, 2024 | Updated: 11:35 AM EDT

Xagent Malware of Russian Cyberespionage Group APT28 Targets Macs After Political Hacking for Trump's Win

Feb 28, 2017 04:10 AM EST

A new version of Xagent malware reportedly created by the Russian hacking group known as APT28 is targeting Mac devices this time around after its earlier version went all out to spy on Windows, iOS, Android, and Linux devices. The antivirus company Bitdefender recently described that the new Xagent malware is a backdoor which can do things like detecting system configurations,  logging on passwords, taking screenshots of the display, executing files and accessing the iOS backups stored on the Mac.

However, Bitdefender is not confident enough to say that the distribution of the Mac version of the malware is already widespread. The Xagent malware can be spread via a macOS malware downloader named as Komplex that can exploit a vulnerability in the virus-like MacKeeper software. An intensive probe on malware is still going on. An advisory was recently circulated by Mac users concerned over Xagent malware calling them not to download anything that does not come from the official Mac App Store online.

The Russian cyber espionage group APT28 has been accused of hacking into the U.S. Democratic National Committee last year. Democratic critics further dragged the cyber espionage activities of APT28 as a major cause in the election victory of President Donald Trump. The new Xagent malware has given the Russian hacking group an impression to have gone after Mac-techie now immediately past its reported political cyber hacking to U.S. election, which continues to hound President Trump now.  Analysts said that the earlier Xagent malware version might have done for the successful political hacking.

APT28 has been identified to be composed of Russian-speaking hackers who work during Russian business hours.  They have been targeting Spain, Ukraine, Romania, Russia, the US and Canada, Bitdefender said in its 2016 report.

The group under the employ of the Russian government is said to be developing tools for all sorts of operating systems including the ones that are hard to hack. It is said that an iPhone is more difficult to hack than the Android but the Russian group has just hacked Mac with its new Xagent malware.  The launch of the smart Xagent malware shows the intelligence sophistication of APT28.

Real Time Analytics