A new variant of the macOS malware tracked as
UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities.
"Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its various payloads and perform its infection status updates to the server," researchers from Jamf Threat Labs
said in a report.
UpdateAgent, first detected in late 2020, has since
evolved into a malware dropper, facilitating the distribution of second-stage payloads such as adware while also bypassing macOS
Gatekeeper protections.
