New infostealer malware, MacStealer, targets macOS

April 3, 2023
Infostealer Malware MacStealer MacOS HookSpoofer Data Exfiltration

The new information-stealing malware, MacStealer, targets Apple's macOS operating system to harvest information from infected devices. This latest threat is a new malicious entity that uses Telegram as its command-and-control (C2) platform to exfiltrate data.

Based on reports, macOS Catalina is the version most affected by this new infostealer. Moreover, MacStealer can also run on Apple's M1 and M2 CPUs.


Like other infostealer payloads that target non-macOS devices, MacStealer can siphon a wide range of credentials.


According to early investigations, the MacStealer malware can steal data such as documents, browser cookies, and login credentials.

The malware developers first advertised the MacStealer infostealer on online hacking forums. Its authors asked about $100 as an initial payment for a monthly subscription.

Researchers believe that the malware authors plan to add features to MacStealer so it can harvest data from the Notes app and Apple's Safari browser.

However, the current version of MacStealer can only exfiltrate iCloud Keychain data, as well as passwords and credit card information stored in well-known browsers such as Mozilla Firefox, Brave, and Google Chrome.

The new malware also enables its operators to harvest MS Office files, documents, images, and Python scripts.

Unfortunately, researchers have yet to identify exactly how the threat actors deliver MacStealer. What the researchers do know is that the infostealer propagates as a DMG file.

Once a target runs this DMG file, it opens a fake password prompt designed to collect the user's password.

This new malware is one of several infostealers that have emerged in recent months. Hence, users face additional threats from many malicious entities in the cybercriminal landscape.

Furthermore, another C#-based malware, dubbed HookSpoofer, has emerged recently. Experts claim that its developers created the new malware by borrowing techniques from StormKitty.

Infostealer malware strains spread through different channels, such as email attachments, fake software downloads, and social engineering campaigns. Therefore, cybersecurity experts suggest that users apply updates to their operating systems and security software to thwart such threats. Lastly, avoid downloading unknown files or opening links from untrusted sources.
