Mac Users Beware: Xagent Malware Targets iPhone Backups from Mac OSX

Xagent malware affects Mac OSX and can access passwords and iPhone backups

Internet safety is a never-ending battle. Every day, thousands upon thousands of malware samples and computer viruses appear from seemingly everywhere. In fact, researchers at Bitdefender just discovered one particular piece of malware that targets Mac OSX users. The Xagent malware is a new backdoor and cyber-espionage tool from the same people who developed the same malware for iPhones.

The Xagent malware is a rather complex piece of software that often gets installed via the Komplex downloader. Once the malware is installed on the system, it sends user information to a remote server. To make matters worse, it can even exfiltrate iPhone backups from a compromised system.

Once a system is infected, Xagent first checks whether a debugger is running. If not, it checks for an internet connection and tries to connect to a remote command-and-control (C&C) server. Once the connection has been established, Xagent starts sending system information to that server.


This information may include usernames, passwords and bank information. In extreme cases, the malware can even take screenshots of the display and probe the system for its software and hardware configuration.

Perhaps most concerning of all is the malware’s ability to access iPhone backups stored on an infected system. Once it detects the presence of a device backup, it can scan that backup and send pertinent information to its remote server.
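To see what such a scan would find on a given Mac, a defender can inventory the local device backups and flag the ones stored unencrypted. The sketch below is an added example, not code from Bitdefender or from the malware; it assumes the default backup folder `~/Library/Application Support/MobileSync/Backup` and the `IsEncrypted`, `Device Name` and `Last Backup Date` keys of the backup's `Manifest.plist` and `Info.plist`, and its sample data is constructed.

```python
import plistlib, stat, tempfile
from pathlib import Path

# Default backup location on macOS (assumption: backups were not relocated).
DEFAULT_ROOT = Path.home() / "Library/Application Support/MobileSync/Backup"

def read_plist(path):
    """Return the parsed plist, or {} if it is missing or cannot be parsed."""
    try:
        with open(path, "rb") as fh:
            return plistlib.load(fh)
    except Exception:  # unreadable or malformed plist: treat as "no data"
        return {}

def audit_backups(root=DEFAULT_ROOT):
    """Return one finding per device backup directory found under root."""
    root = Path(root)
    if not root.is_dir():
        return []
    findings = []
    for backup in sorted(p for p in root.iterdir() if p.is_dir()):
        manifest = read_plist(backup / "Manifest.plist")
        info = read_plist(backup / "Info.plist")
        mode = stat.S_IMODE(backup.stat().st_mode)
        findings.append({
            "backup": backup.name,
            "device": info.get("Device Name", "unknown"),
            "last_backup": info.get("Last Backup Date"),
            # A missing or unreadable manifest is reported as unencrypted.
            "encrypted": bool(manifest.get("IsEncrypted", False)),
            # Directory mode bits that let other local accounts list the backup.
            "other_users_can_read": bool(mode & (stat.S_IRGRP | stat.S_IROTH)),
        })
    return findings

def make_sample_tree(root):
    """Constructed sample data: two fake backups, one encrypted and one not."""
    for name, enc, mode in (("AAAA-constructed", True, 0o700),
                            ("BBBB-constructed", False, 0o755)):
        d = Path(root) / name
        d.mkdir()
        with open(d / "Manifest.plist", "wb") as fh:
            plistlib.dump({"IsEncrypted": enc}, fh)
        with open(d / "Info.plist", "wb") as fh:
            plistlib.dump({"Device Name": "Sample " + name[:4]}, fh)
        d.chmod(mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_tree(tmp)
        for f in audit_backups(tmp):
            ok = f["encrypted"] and not f["other_users_can_read"]
            print("OK    " if ok else "REVIEW", f)
```

Calling `audit_backups()` with no argument checks the current user's real backup folder; any backup reported with `encrypted` set to false holds data that a process running as that user can read directly.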

According to Bitdefender, the Xagent malware comes from the same group of cyber-espionage specialists, APT28. Last year, the group released the same malware targeting Apple’s mobile devices.

Fortunately, antivirus software can easily deal with this threat. Those who are not accustomed to using antivirus software on a Mac, however, should consider themselves forewarned. Users are also advised to take extra care when downloading third-party applications from the Internet. Furthermore, because the Xagent malware targets Mac OSX users, upgrading to the newest OS will most likely get anyone covered.

The Internet is quite a dangerous place for anyone who does not know how to deal with it. Some websites disguise themselves as legitimate ones in order to obtain users’ information. Users who regularly connect to the internet should take extra care. This is especially true for Mac users, since more and more people are using the system nowadays and it is gaining popularity much as Microsoft's Windows did many years ago. For more updates on the Xagent malware, be sure to check us out at TheBitbag.
