Beware of Formbook which is now attacking macOS

If you are an active user of Windows and, especially, if this operating system is used in your working environment, you might be aware of a popular malware available for Windows known as Formbook. This programme has been available on the market for over five years and, unfortunately, according to experts of cybersecurity, its new version is now attacking devices working on macOS as well. Thus, you should be twice more careful while using your personal computer and laptop.

What is Formbook?

Actually, Formbook is one of the most widespread malware when it comes to the machines working on Windows. As it has already been mentioned, it has been active for more than five years. Note that in 2020 the name of this programme was changed to XLoader.

According to the data reported by Check Point Research which is a company specialising in cybersecurity, XLoder has been modified in such a way as it can attack the users of the devices running on macOS as well.

Why is XLoader dangerous?

XLoader is used by hackers and social engineers for stealing personal data as well as the information about various companies stored on computers. The most popular way of getting this programme on your computer is by opening a phishing message.

As you might know, phishing messages are a kind of dangerous spam which can install malware on your computer. In the case of XLoader, the phishing messages containing the installation files for this programme are written in such a way as to encourage the victims to open the files. The messages are rather tricky since the file attached which can actually spread the malware on your computer is a Microsoft Word file rather than anything looking suspicious. This makes company environments particularly vulnerable to getting attack by social engineers who can easily pretend to be one of the employees or partners of an organisation encouraging the subjects of their attack to download and open a contaminated file. Needless to say, such a practice can seem absolutely normal to many employees and not raise any suspicions in people.

Once XLoader is on a computer, it gives access to all the data stored on the machine to the third party. At the same time, the architecture of this programme is thus complex that it can hardly be detected even by the most state-of-the-art programmes specialising in cybersecurity.

XLoader can perform various functions on a computer sending the personal information to third parties and making screenshots. Furthermore, this programme can create reports about all of the clicks performed by a computer user and even turn on other programmes remotely. Needless to say, this is a powerful piece of malware. At the same time, regularly users will not even be able to notice that something is going on their computers.

How much does XLoader cost?

XLoader can be purchased by people who want to steal information about others for various reasons. The current price for this programme depends on the platform you are going to use it on as well as on the period of time you are going to track your victim.

For instance, access to this malware programme for Windows for a month will cost you 59 dollars, whereas purchasing it for three months will cost 129 dollars. Interestingly, the macOS modification of this programme is cheaper. The price for a single month is 49 dollars whereas access for three months will cost you 99 dollars.

Is XLoader popular in your country?

XLoader is one of the most widespread malware for Windows indeed, however, its popularity is not equal for different countries. So far, the major market for this programme is The USA. According to the statistics for the period starting from December 2020 up to the May 2021, 53% of victims whose devices were attacked by XLoader live in The USA.

The next market of XLoader is significantly smaller, yet still remarkable. During the abovementioned period 9% of residents of SAR were attacked by the malware. A bit smaller number of victims (5%) are from Mexico.

XLoader is also increasing its popularity in such countries as France, Germany, Bermuda, Russia and The Netherlands. The 2% of all the victims of XLoader are from the latter country, whereas the rest of them had 3% of the entire number of victims each.

The rest 20% of the XLoader victims are coming from other countries.

Currently, the group of all of the Formabook products and modifications was the forth popular malware the last year and the sixth most popular one for the entire period of existing of malware in general.