Adload

Malware updated 4 months ago (2024-05-04T20:18:58.352Z)
AdLoad is a stealthy and pervasive malware family. This Trojan infiltrates macOS systems and installs adware and potentially harmful applications without the user's knowledge. Last week, it was revealed that roughly 10,000 macOS systems had been turned into proxy exit nodes by AdLoad, some of which may have been repurposed after being infected with the adware. The malware is known for deceptive tactics such as the "Adobe Flash Player is out of date" browser scam, which tricks users into downloading and installing unwanted applications.

The researchers believe that AdLoad might be running a pay-per-install campaign, monetizing access to the infected macOS systems by deploying a legitimate proxy application on them. This activity likely represents AdLoad's method of counting the number of infected systems, supporting their monetization scheme. The company's report continues a previous study by AT&T Alien Labs of Mac systems turned into proxy exit nodes by AdLoad, and suggests that macOS machines compromised by AdLoad are being corralled into a giant residential proxy botnet.

AdLoad is one of the largest known adware strains targeting macOS, indicating that users of these devices are a lucrative target for the adversaries behind this malware. The widespread nature of AdLoad, potentially infecting thousands of devices worldwide, underscores the need for vigilant cybersecurity measures among macOS users.
Description last updated: 2024-05-04T19:38:57.964Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Proxy
Macos
Backdoor
Source Document References
Information about the Adload Malware was read from the documents corpus below.
Source | Created | Title
--- | --- | ---
CERT-EU | 8 months ago | TrustedMacResultsDaemon Will Damage Your Computer Mac – Removal
CERT-EU | a year ago | CorporateGlobe Mac Virus Removal
CERT-EU | a year ago | ProxyNation: The dark nexus between proxy apps and malware - Cybersecurity Insiders
CERT-EU | a year ago | TradeAero Mac Adware - Removal Guide
CERT-EU | a year ago | All the Mac malware we know about
CERT-EU | 10 months ago | System Error: Click Here to Renew Norton Pop-up Mac Removal
CERT-EU | a year ago | Jamf Threat Labs subverts iPhone security with fake Airplane Mode
CERT-EU | a year ago | Massive 400,000 proxy botnet built with stealthy malware infections
DARKReading | 7 months ago | macOS Malware Campaign Showcases Novel Delivery Technique
CERT-EU | 8 months ago | ActivityCachefld Will Damage Your Computer Mac - Removal
CERT-EU | 9 months ago | Nbp Virus App Mac - Removal Guide [Fix]
CERT-EU | 9 months ago | Ryderd Will Damage Your Computer - Removal Guide [5 Mins]
CERT-EU | a year ago | EssentialPlatform Virus - Mac Removal Guide
CERT-EU | a year ago | FiberOpticJoin Mac Ads Virus Removal [Guide]
CERT-EU | a year ago | ExperienceSys Virus - Mac Removal Guide
CERT-EU | a year ago | Remove OpticalFraction Mac Virus [Fix Guide]
CERT-EU | a year ago | Thousands of Systems Turned Into Proxy Exit Nodes via Malware
Securityaffairs | a year ago | A massive campaign delivered a proxy server application to 400,000 Windows systems
CERT-EU | a year ago | DesignationDrive Virus Mac Removal Guide
CERT-EU | a year ago | Thousands of Systems Turned Into Proxy Exit Nodes via Malware