Dissecting the APT28 Mac OS X Payload whitepaper available

Since the APT28 group emerged in 2007, Bitdefender has become familiar with the backdoors used to compromise Windows and Linux targets, such as Coreshell, Jhuhugit and Azzy for the former OS or Fysbis for the latter.

Earlier this month, we were finally able to isolate the Mac OS X counterpart: the XAgent modular backdoor, which was supposedly delivered via a known dropper associated with the actor (the Komplex downloader).

The whitepaper we have prepared will walk you through the inner workings of the XAgent backdoor from its initialization stage to the exfiltration of stolen data. Chapter E is a detailed breakdown of the modules that comprise one of the most advanced threats targeting the Mac operating system to date.

You can download the whitepaper from the Industry Reports section on the Bitdefender website.
