Microsoft has detailed the evolution of a relatively new piece of Mac malware called UpdateAgent that started stealing system information in late 2020 but has morphed into a tool for delivering adware and potentially other threats. 

The company’s Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family “UpdateAgent,” charting its evolution from a barebones information stealer to a second-stage payload distributor as part of multiple attack waves observed in 2021.

The UpdateAgent malware family began circulating no later than November or December 2020 as a relatively basic information stealer. It collected product names, version numbers, and other basic system information. Its methods of persistence—that is, the ability to run each time a Mac boots—were also fairly rudimentary.

One of UpdateAgent’s newest and most potent features is the ability to bypass Apple’s built-in Gatekeeper system that is meant to allow only trusted, signed apps to run on Macs. 

“The latest campaign saw the malware installing the evasive and persistent Adload adware, but UpdateAgent’s ability to gain access to a device can theoretically be further leveraged to fetch other, potentially more dangerous payloads,” the researchers said.

“UpdateAgent also misuses public cloud infrastructure, namely Amazon S3 and CloudFront services, to host its additional payloads,” said Microsoft 365 Defender Threat Intelligence Team.

Amazon Web Services (AWS) has taken down the malicious URLs.

Over time, Microsoft said on Wednesday, UpdateAgent has grown increasingly advanced. Besides the data sent to the attacker server, the app also sends “heartbeats” that let attackers know if the malware is still running. It also installs adware known as Adload.

In March 2021, it was updated again to fetch compressed .zip files instead of .dmg files and tweaked to prevent Gatekeeper from displaying the pop-up warning to users that a file is from an “unidentified developer”. Then in August, it was improved with changes that allowed the malware to inject persistent code that ran as root in a background process that’s invisible to the user. 

Once installed, the Adload malware makes use of ad injection software and man-in-the-middle (MitM) techniques to intercept and reroute users’ internet traffic through the attacker’s servers to insert rogue ads into web pages and search engine results to increase the chances of multiple infections on the devices.

“UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns,” Microsoft says in a blogpost, cautioning it could follow the trajectory of malware common to Windows. 

Considering both UpdateAgent and Adload can install additional payloads, attackers can leverage either or both of these vectors to potentially deliver more dangerous threats to target systems in future campaigns, it warned.

Microsoft is interested in Mac malware because more enterprises support non-Windows devices on corporate networks. It is encouraging defenders to use its Edge browser on macOS since it supports Microsoft’s Defender SmartScreen for blocking malicious websites.