New MacStealer malware examined | SC Media
MacStealer has been deployed as an unsigned DMG file, which, when executed, triggers a fake password prompt to run a command enabling password collection, according to a report from Uptycs.
After completing the data-gathering process, MacStealer stores the data in a ZIP file, which is then delivered to remote command-and-control servers. The malware also concurrently sends certain data to a pre-configured Telegram channel, enabling quick notifications to attackers regarding the theft of new data, said researchers.
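As an added example (not from the SC Media article or the Uptycs report), the behaviour chain described above can be written as a correlation rule over endpoint telemetry: an unsigned binary run from a mounted disk image that then writes a ZIP archive and contacts Telegram. The event schema, the sample events, the 300-second window and the match on `api.telegram.org` are assumptions made for illustration.

```python
from collections import defaultdict

TELEGRAM_HOSTS = {"api.telegram.org"}  # Telegram Bot API endpoint (assumed match target)
WINDOW_SECONDS = 300                   # assumed correlation window

# Constructed sample telemetry in a hypothetical schema (not taken from the report).
SAMPLE_EVENTS = [
    {"ts": 100, "pid": 41, "type": "exec", "signed": False,
     "path": "/Volumes/Installer/app.app/Contents/MacOS/app"},
    {"ts": 130, "pid": 41, "type": "file_write", "path": "/private/tmp/collect/out.zip"},
    {"ts": 135, "pid": 41, "type": "net", "host": "c2.example.invalid"},
    {"ts": 136, "pid": 41, "type": "net", "host": "api.telegram.org"},
    # Benign: signed app installed in /Applications that talks to Telegram.
    {"ts": 200, "pid": 52, "type": "exec", "signed": True,
     "path": "/Applications/Telegram.app/Contents/MacOS/Telegram"},
    {"ts": 210, "pid": 52, "type": "net", "host": "api.telegram.org"},
    # Partial chain: unsigned tool on a mounted image that only writes a ZIP.
    {"ts": 300, "pid": 63, "type": "exec", "signed": False, "path": "/Volumes/Tools/archiver"},
    {"ts": 320, "pid": 63, "type": "file_write", "path": "/Users/alice/backup.zip"},
]


def find_stealer_chains(events, window=WINDOW_SECONDS):
    """Return one finding per pid that completes all three stages within `window` seconds."""
    by_pid = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_pid[ev["pid"]].append(ev)

    findings = []
    for pid, evs in by_pid.items():
        # Stage 1: unsigned executable launched from a mounted disk image.
        start = next((e for e in evs if e["type"] == "exec"
                      and e["path"].startswith("/Volumes/") and not e["signed"]), None)
        if start is None:
            continue
        later = [e for e in evs if start["ts"] <= e["ts"] <= start["ts"] + window]
        # Stage 2: a ZIP archive is written. Stage 3: Telegram is contacted.
        archives = [e["path"] for e in later
                    if e["type"] == "file_write" and e["path"].lower().endswith(".zip")]
        hosts = [e["host"] for e in later if e["type"] == "net"]
        telegram = [h for h in hosts if h in TELEGRAM_HOSTS]
        if archives and telegram:
            findings.append({"pid": pid, "image": start["path"], "archives": archives,
                             "telegram": telegram,
                             "other_hosts": [h for h in hosts if h not in TELEGRAM_HOSTS]})
    return findings


if __name__ == "__main__":
    for finding in find_stealer_chains(SAMPLE_EVENTS):
        print(finding)
```

The `other_hosts` field lists the non-Telegram destinations contacted in the same window, which are candidates for the command-and-control upload.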
The emergence of MacStealer comes a month after the discovery of another information-stealing malware by security researcher iamdeadlyz. That malware was deployed in a phishing campaign aimed at individuals playing the blockchain game “The Sandbox.”