Notorious XLoader malware now affects Macs

Any Mac users under the impression that their machines are 100% secure will be surprised to learn that one of the most prevalent pieces of Windows malware has now been confirmed to run on macOS.

Check Point security researchers report, in fact, that the XLoader malware has been available in a Mac version for some time.

“With approximately 200 million users operating macOS in 2018 (as reported by Apple), this is definitely a promising new market for the malware to enter,” the researchers write.

XLoader is a relatively new variant of the infamous Formbook, a program used to steal login credentials, record keystrokes, and download and execute files, as directed by the controlling server. It’s one of the most wide-reaching pieces of malware on Windows computers: according to AnyRun Malware Trends Tracker, it was the fourth most prevalent malware family in 2020. And now Mac owners need to be concerned too.

Check Point stresses, however, that XLoader on PC and Mac should not be confused with XLoader for Android, which is a separate piece of software first spotted in 2019.

A server with the Mac version of XLoader can be rented at a cost of $49 (roughly £36) per month, and according to security researchers, hackers from 69 countries have taken up the offer. The most seriously affected country is the US, reports Bleeping Computer.

“While there might be a gap between Windows and macOS malware, the gap is slowly closing over time,” comments Yaniv Balmas from Check Point. “The truth is that macOS malware is becoming bigger and more dangerous.”

For peace of mind, we recommend installing a reputable suite of antimalware software. Read best Mac antivirus for our recommendations; Intego Mac Internet Security X9 is the product that’s top of our rankings.

We have a complete list of the viruses and malware that have appeared on Macs. Read:  List of Mac viruses and malware.

This article originally appeared on Macworld Sweden. Translation and additional reporting by David Price.