New MacStealer macOS malware steals passwords from iCloud Keychain
Security News, March 2023
A new info-stealing malware named MacStealer is targeting Mac users, stealing their credentials stored in the iCloud Keychain and web browsers, cryptocurrency wallets, and potentially sensitive files.
MacStealer is being distributed as malware-as-a-service, where the developer sells premade builds for $100, allowing purchasers to spread the malware in their own campaigns.
According to the Uptycs threat research team that discovered the new macOS malware, it can run on macOS Catalina and up to the latest version of Apple's OS, Ventura.
The threat actors distribute MacStealer as an unsigned DMG file that poses as something the victim is tricked into executing on macOS. Once it is executed, the victim is served a fake password prompt that runs a command allowing the malware to collect passwords from the compromised machine.
Last month, security researcher iamdeadlyz also discovered a new Mac information-stealing malware distributed in a phishing campaign targeting players of 'The Sandbox' blockchain game.
With cryptocurrency wallets being highly targeted by threat actors, we will likely see further malware developers targeting macOS in their search for cryptocurrency wallets to steal.