Published Jun 5th, 2024 8:37PM EDT
Image: José Adorno for BGR
Our malware articles typically concern either Android or Windows, but Apple users occasionally have to deal with malicious software of their own. For instance, the Moonlock Lab cybersecurity team recently discovered a macOS malware strain that can easily evade detection.
As the researchers explain, the infection chain begins when a Mac user visits a site in search of pirated software. On the site, they might download a file titled CleanMyMacCrack.dmg, believing that the file is a cracked version of the Mac cleaning software, CleanMyMac. After launching that DMG file on their computer, a Mach-O file is executed, which downloads an AppleScript capable of stealing sensitive information from the Mac.
Here’s everything the malware can do once it infects a macOS computer:
Collects and stores the Mac owner’s username
Sets up temporary directories to store stolen data before exfiltration
Extracts browsing history, cookies, saved passwords, and more from browsers
Identifies and accesses common directories containing cryptocurrency wallets
Copies macOS keychain data, Apple Notes data, and cookies from Safari
Gathers general user information, system details, and metadata
Exfiltrates all the stolen data to threat actors
Moonlock claims that the macOS malware appears to be linked to well-known Russian-speaking threat actor Rodrigo4. The hacker was reportedly seen on the XSS underground forum recruiting other hackers to help distribute his stealer through SEO manipulation and ads.
Tech. Entertainment. Science. Your inbox.
Sign up for the most interesting tech & entertainment news out there.
By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.
If you want to avoid this macOS malware from infecting your computer, Moonlock recommends only downloading software from trusted sources, keeping your operating system and all of your apps updated, and using security software you trust.
Jacob Siegal is Associate Editor at BGR, having joined the news team in 2013. He has over a decade of professional writing and editing experience, and helps to lead our technology and entertainment product launch and movie release coverage.
>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : BGR – https://bgr.com/tech/dangerous-macos-malware-steals-browser-data-and-cryptocurrency/
