Beware of 'OfficeNote' - Apple Mac malware in disguise available on Dark Web

tech.hindustantimes.com:

A fresh Mac threat has emerged, and it's a revamped version of the notorious XLoader malware. This time, it's disguised as a productivity app called "OfficeNote." Here's what you need to know to keep your Mac secure.

XLoader has been causing trouble since 2015, but it usually targets Windows PCs. In 2021, a macOS version appeared, but it was distributed as a Java program, which was not very potent against Macs. Now, a new version of XLoader has surfaced, written in programming languages C and Objective C, according to a Tom's Guide report. What's more, it's signed with an Apple developer signature, making it appear legitimate.

Hackers have become quite clever. Instead of sending phishing emails with malware attachments, they're disguising XLoader as a fake productivity app named "OfficeNote." This deceptive tactic can trick unsuspecting Mac users into downloading it.

This malicious version of XLoader is hidden within the OfficeNote app installation file. While it was signed with a developer signature in July, Apple has since revoked it. Strangely, Apple's built-in XProtect malware scanner can't detect this threat.

XLoader is sold as a "Malware-as-a-Service" on the Dark Web.Hackers pay its creators to use it in their attacks. The macOS version is more expensive than its Windows counterpart: $199 per month or $299 for three months, compared to $59 per month or $129 for three months, Tom's Guide reveals.

When a Mac user tries to install OfficeNote, they receive an error message, making them think something's wrong with the program. But here's the sneaky part: XLoader secretly installs itself.

Once on your Mac, XLoader goes for the kill. It tries to steal passwords and other sensitive data from your clipboard. It also targets