1 min read

Mac Malware is Becoming a Bigger Threat for Users

Heroic Technologies : Updated on August 5, 2025

Cybersecurity

In late 2020 a new strain of malware called UpdateAgent appeared and began infecting Mac users.

Initially the strain wasn’t all that worrisome.  It stole system information but it was by no means the worst threat on a Mac user’s radar.

Since that time, the hackers behind the malicious code have been busy. UpdateAgent has received a few developments, with each one adding a new element of danger to the equation.  As things stand now UpdateAgent should be considered a serious threat to Mac users.

As of its latest iteration UpdateAgent installs an annoyingly persistent adware strain called Adload. It has gained capabilities that make it easy for UpdateAgent to install other even more threatening and damaging payloads in the future.

Microsoft has been investigating and following the development of UpdateAgent.  The company has discovered that the hackers who created the strain are hosting a wide range of other payloads on Amazon Web Services’ S3 and CloudFront services. While these have not yet been tied to UpdateAgent, it’s a clear sign of the shape of things to come.

In addition to that, the code is now capable of fetching compressed zip files instead of .dmg files. It has been modified to prevent Gatekeeper from displaying pop-up warnings to users.  It can also inject persistent code inside background processes that are invisible to the user.

Microsoft had this to say about their study of the malware strain:

“UpdateAgent is uniquely characterized by its gradual upgrading of persistence techniques, a key feature that indicates this trojan will likely continue to use more sophisticated techniques in future campaigns. 

Like many information-stealers found on other platforms, the malware attempts to infiltrate macOS machines to steal data and it is associated with other types of malicious payloads, increasing the chances of multiple infections on a device.”

If UpdateAgent wasn’t on your radar before it certainly belongs there now.  It’s one to watch  out for in the year ahead.

Used with permission from Article Aggregator
Escaping the Black Hole: Engineering ML Pipelines That Defy Data Gravity

Escaping the Black Hole: Engineering ML Pipelines That Defy Data Gravity

Nick: Mar 12, 2026 1:00:00 PM

For years, we’ve heard the mantra that data is the new oil, a valuable resource to be extracted and refined. But any IT director managing a growing...

Business Continuity Cloud Computing
Read More
Top 5 Managed IT Service Providers for Portland Businesses

Top 5 Managed IT Service Providers for Portland Businesses

Heroic Technologies: Mar 11, 2026 7:48:26 AM

If you run a business in Portland, there is a good chance you have felt at least one of these in the last year:

Read More
The Oregon Consumer Privacy Act : IT Checklist for Portland Businesses

The Oregon Consumer Privacy Act : IT Checklist for Portland Businesses

Heroic Technologies: Mar 11, 2026 3:53:21 AM

The OCPA is Here to Stay: What Portland Businesses Need to Know in 2026 When the Oregon Consumer Privacy Act (OCPA) first went into effect in July...

Portland business data security OCPA compliance checklist Oregon Consumer Privacy Act business guide
Read More

Update Apple Devices Soon for Important Security Patch

Heroic Technologies : Sep 30, 2021 2:00:00 PM

Apple released a very important security update today. The update fixes a pair of zero-day vulnerabilities that have been spotted in use in the wild...

Cybersecurity
Read More

Skype Adds Zoom Feature and Additional Modern Updates

Heroic Technologies : Jan 10, 2025 5:00:00 PM

Are you a Skype user? If so be aware that Microsoft (the company that owns Skype) just added a handy new feature you may want to start taking...

Tech Tips
Read More

Update Your All In One SEO Plugin For Security Patch

Heroic Technologies : Jan 4, 2022 11:00:00 AM

Do you own and operate a WordPress website? Do you also use the “All in One” SEO plugin?

Cybersecurity
Read More