New Xagent Mac Malware Linked with the APT28 and DNC Hack
Operators have upped their game – the Xagent payload can now target victims running Mac OS X to steal passwords, grab screens and steal iPhone backups stored on the Mac.
Last year saw what appears to be one of the largest cyber-espionage campaigns ever, allegedly linked to Russian territory.
The sample we are discussing today has been linked to the Mac OS X version of the Xagent component from the Sofacy/APT28/Sednit APT. This modular backdoor with advanced cyber-espionage capabilities is most likely planted on the system via the Komplex downloader.