Threat: UpdateAgent/WizardUpdate
The UpdateAgent family of malware has been actively circulating since 2020. Microsoft recently reported the latest variant of the family.
Affects: UpdateAgent is a Mac-targeted trojan that masquerades as legitimate software. The attack payload has varied over time from information gathering to adware deployment. It is actively being developed.
Detected by: Jamf Protect detected UpdateAgent (also known as WizardUpdate) as of 12/30/20 with new variants added, as discovered.
Prevented by: Jamf Protect detected UpdateAgent (also known as WizardUpdate) as of 12/30/20 with new variants added, as discovered.
IOCs (as published by Microsoft):
Web exploit URLs:
Don't let your Mac fleet become hexed, cursed or jinxed...
Jamf Protect casts Expelliarmus on the macOS malware looking to compromise the security of you macOS endpoints!
Blog
Sysjoker Malware got you down? Jamf’s got you covered
Read More
Blog
Jamf protects against DazzleSpy backdoor malware making the rounds
Read More
Blog
Jamf Protect Series: macOS quietly keeps you secure
Read More
Video
Remediating security events with Jamf Pro, Jamf Protect and Jamf Connect
Read More
Browse Blog
by Category:
by Category:
Subscribe to the Jamf Blog
Have market trends, Apple updates and Jamf news delivered directly to your inbox.
To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.