Xloader is a Rebranding of Formbook malware (mainly a stealer), available for macOS as well.
Formbook has a "magic"-value FBNG (FormBook-NG), while Xloader has a "magic"-value XLNG (XLoader-NG). This "magic"-value XLNG is platform-independent.
Not to be confused with apk.xloader or ios.xloader.
|2021-09-30 ⋅ Blackberry ⋅ |
Threat Thursday: xLoader Infostealer
|2021-07-27 ⋅ Check Point ⋅ |
Time-proven tricks in a new environment: the macOS evolution of Formbook
|2021-07-26 ⋅ SentinelOne ⋅ |
Detecting XLoader | A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger
|2021-07-26 ⋅ Malwarebytes ⋅ |
OSX.XLoader hides little except its main purpose: What we learned in the installation process
|2021-07-21 ⋅ Check Point ⋅ |
Top prevalent malware with a thousand campaigns migrates to macOS
|2020-10-23 ⋅ |
Tweet: An interesting tidbit: it has a Mach-O bin
There is no Yara-Signature yet.