newly-discovered malware steals passwords and exfiltrates data from infected Macs • Graham Cluley

I’m still encountering people who, even after all these years, believe that their Apple Mac computers are somehow magically invulnerable to ever being infected by malware.

This is despite the fact that malware has been infecting different incarnations of Apple computer for even longer than PCs, that macro malware often doesn’t care what operating system you’re using, that there are firms who had over 25 years’ worth of success developing anti-virus software for Macs, and that even Apple itself has been releasing updates to MacOS’s built-in anti-virus defences since 2009.

Yes, there’s a lot lot more malware for PCs than Macs, but that doesn’t mean that the problem doesn’t exist at all. And you may feel very smug not running any type of anti-virus on your Mac, but you’ll probably have the smile wiped off your face if you come a cropper.

With that in mind, it’s worth sharing that boffins at Uptycs shared details of some newly-discovered macOS malware last month, that they have dubbed “MacStealer.”

According to Uptypcs, MacStealer is being distributed on dark web forums for as little as $100 as a tool for stealing the passwords, cookies, and credit card details from Google, Firefox, and Chrome browsers. In addition, the malware can steal Keychain data, and umpteen different types of data files (including documents, spreadsheets, presentations, images, databases, and archives) – sending exfiltrated data back to hackers via Telegram.

Despite MacStealer’s author claiming it is a “first beta version”, it is said to support Intel as well as M1 and M2 Macs, and works on macOS 10 (Catalina) to the latest macOS 13 (Ventura).

According to Uptycs, the malware is being spread in a fairly rudimentary way. Running a boobytrapped .DMG file can cause a fake System Preferences prompt to appear that asks for the user’s password.

Once the hackers have your computer’s password, your problems are going to get a whole lot worse.

There’s no indication that MacStealer is in widespread use by cybercriminals, but regardless it makes sense to protect your computer – whatever operating system you choose to…