Xloader is a Rebranding of Formbook malware (mainly a stealer), available for macOS as well.
Formbook has a "magic"-value FBNG (FormBook-NG), while Xloader has a "magic"-value XLNG (XLoader-NG). This "magic"-value XLNG is platform-independent.
Not to be confused with apk.xloader or ios.xloader.
|2022-03-25 ⋅ GOV.UA ⋅ |
Who is behind the Cyberattacks on Ukraine's Critical Information Infrastructure: Statistics for March 15-22
Xloader Agent Tesla CaddyWiper Cobalt Strike DoubleZero GraphSteel GrimPlant HeaderTip HermeticWiper IsaacWiper MicroBackdoor Pandora
|2022-03-07 ⋅ LAC WATCH ⋅ |
I CAN'T HEAR YOU NOW! INTERNAL BEHAVIOR OF INFORMATION-STEALING MALWARE AND JSOC DETECTION TRENDS
Xloader Agent Tesla Formbook Loki Password Stealer (PWS)
|2022-01-21 ⋅ Zscaler ⋅ |
Analysis of Xloader’s C2 Network Encryption
|2022-01-06 ⋅ VMRay ⋅ |
Malware Analysis Spotlight: XLoader’ Cross-platform Support Utilizing XBinder
|2021-09-30 ⋅ Blackberry ⋅ |
Threat Thursday: xLoader Infostealer
|2021-09-02 ⋅ MalwareBookReports ⋅ |
Cross-Platform Java Dropper: Snake and XLoader (Mac Version)
Xloader 404 Keylogger
|2021-07-27 ⋅ Check Point ⋅ |
Time-proven tricks in a new environment: the macOS evolution of Formbook
|2021-07-26 ⋅ SentinelOne ⋅ |
Detecting XLoader | A macOS ‘Malware-as-a-Service’ Info Stealer and Keylogger
|2021-07-26 ⋅ Malwarebytes ⋅ |
OSX.XLoader hides little except its main purpose: What we learned in the installation process
|2021-07-21 ⋅ Check Point ⋅ |
Top prevalent malware with a thousand campaigns migrates to macOS
|2020-10-23 ⋅ |
Tweet: An interesting tidbit: it has a Mach-O bin
There is no Yara-Signature yet.