MacStealer: The new info-stealing malware targeting Mac users

Mar 28, 2023 | News


New Mac malware steals credentials and sensitive data

Security researchers have discovered a new piece of malware, dubbed MacStealer, that targets macOS users. It is designed to steal sensitive information stored in the iCloud Keychain and in web browsers, including credentials, cookies, and credit card details. It can also exfiltrate potentially sensitive files and cryptocurrency wallets.

The malware is being sold on the dark web as malware-as-a-service (MaaS) for $100, allowing anyone to purchase it and spread it in their campaigns.


Post promoting MacStealer to cybercriminals (Uptycs)


MacStealer can infect macOS Catalina and later versions

According to the Uptycs threat research team, MacStealer runs on macOS Catalina (10.15) through the latest release of Apple's OS at the time of writing, Ventura (13.2). The malware was discovered on a dark web hacking forum, where its developer has been promoting it since the beginning of the month. The developer states that the malware is still in an early beta phase and offers no control panel or builder; instead, buyers receive pre-built DMG payloads that can infect macOS Catalina, Big Sur, Monterey, and Ventura.

Once the victim opens the payload, it displays a fake password prompt to harvest the user's password from the compromised machine. The malware then gathers the data listed above, packs it into a ZIP archive, and uploads the archive to its command-and-control servers, where the threat actor retrieves it later. At the same time, MacStealer posts basic victim information to a pre-configured Telegram channel, so the operator is notified immediately when new data has been stolen and can download the ZIP file.

MacStealer attack chain (Uptycs)

MacStealer developer sells pre-built payloads for early beta malware


While most MaaS operations target Windows users, macOS is not immune to such threats. Last month, security researchers discovered another Mac information stealer, distributed in a phishing campaign aimed at players of 'The Sandbox' blockchain game; it likewise targeted credentials saved in browsers and cryptocurrency wallets. Since cryptocurrency wallets are heavily targeted by threat actors, more malware developers are likely to turn to macOS in search of wallets to steal. macOS users should therefore remain vigilant, avoid downloading files from untrustworthy websites, and treat a password prompt that appears right after opening a freshly downloaded app with suspicion, since that prompt is exactly how MacStealer harvests the user's password.
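Because MacStealer ships as pre-built DMG payloads, one practical check before opening a download is to ask Gatekeeper whether the image carries a notarized Developer ID signature. The script below is an added example, not code from the article, from Uptycs, or from any analysed sample. It assumes a macOS host with `spctl` available and takes the DMG path as its first argument; the parsing helpers are split out so they can be exercised on constructed `spctl -v` output away from a Mac.

```sh
#!/bin/sh
# Added example (not from the original article): assess a downloaded DMG with
# Gatekeeper before opening it. Assumes macOS with spctl installed; the DMG
# path is passed as $1. Sample spctl output used for testing is constructed.

# classify_spctl OUTPUT -> prints "accepted", "rejected" or "unknown".
# spctl -v prints a line of the form "<path>: accepted" or "<path>: rejected".
classify_spctl() {
  case "$1" in
    *": accepted"*) echo accepted ;;
    *": rejected"*) echo rejected ;;
    *)              echo unknown ;;
  esac
}

# source_of_spctl OUTPUT -> prints the value of the "source=" line that spctl -v
# emits, e.g. "Notarized Developer ID", "Unnotarized Developer ID" or
# "no usable signature". Prints nothing if the line is absent.
source_of_spctl() {
  printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1
}

# trusted_verdict VERDICT SOURCE -> exit 0 only when Gatekeeper accepted the
# file AND the signature is a notarized Developer ID. An accepted but
# unnotarized payload is still treated as untrusted.
trusted_verdict() {
  [ "$1" = accepted ] && [ "$2" = "Notarized Developer ID" ]
}

# check_dmg PATH -> runs the real assessment and exits non-zero if untrusted.
# --type open is the policy Gatekeeper applies when a user opens a disk image.
check_dmg() {
  dmg="$1"
  out=$(spctl --assess --type open --context context:primary-signature -v "$dmg" 2>&1)
  verdict=$(classify_spctl "$out")
  src=$(source_of_spctl "$out")
  printf 'file=%s verdict=%s source=%s\n' "$dmg" "$verdict" "${src:-none}"
  trusted_verdict "$verdict" "$src"
}

# Only run the live check when a path was supplied, so the helpers can be
# sourced or tested without spctl present.
if [ "$#" -ge 1 ]; then
  check_dmg "$1"
fi
```

Usage: `sh check_dmg.sh ~/Downloads/installer.dmg`; a zero exit status means Gatekeeper accepted the image with a notarized Developer ID signature. A rejected or unnotarized result does not prove the file is malicious, but it removes the one signal that would justify overriding Gatekeeper, and for a payload sold as a bare DMG on a hacking forum that is the expected outcome.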


Source: bleepingcomputer.com
