A new piece of malware is stalking users of Apple products. It is called MacStealer, and it attacks macOS laptops and desktops running macOS Catalina or higher.
As The Hacker News explains, MacStealer uses Telegram as a command-and-control platform to exfiltrate data.
“It has the ability to steal documents, victim browser cookies and login information,” according to Shilpesh Trivedi and Pratik Jeware, Uptycs researchers quoted by The Hacker News.
The malware authors plan to add functions to capture data from Apple’s Safari browser and the Notes application.
Specifically, the MacStealer design aims to:
- Extract data and passwords.
- Steal iCloud Keychain data and credit card information from browsers like Google Chrome, Mozilla Firefox, and Brave.
- Collect Microsoft Office files, images, and Python scripts.
MacStealer, malware targeting Apple’s macOS that is still in development
Researchers note that MacStealer was introduced on online hacking forums in early March at a price of $100. It is still a work in progress.
The Hacker News indicates that the exact method by which the malware is delivered is not yet known, although it is spread as a DMG file that, when executed, opens a fake password prompt under the guise of seeking access to the System Settings app.
Phil Stokes, SentinelOne’s online security expert, recently noted: “As Macs have become increasingly popular with leadership and development teams, the data stored on them is more important to attackers.”
The researchers’ main recommendations, as is common in this type of situation, are:
- Keep your operating system and security software up to date.
- Avoid downloading files or clicking on links from unknown sources.