MacStealer is the latest threat detected for Mac!
As much as Apple brags about the security of its operating systems, with good reason, it’s inevitable that every now and then cybercriminals will try to exploit a vulnerability to attack them. According to a report shared by security researchers at Uptycs, **a new malware targeting Macs called MacStealer has been identified.**
MacStealer was designed to extract iCloud passwords, in particular those related to our financial data, such as Firefox, Google Chrome and Microsoft Brave browser passwords, cookies and credit card data.
MacStealer seeks financial data
Uptycs discovered the existence of the MacStealer through its research on the “dark web”. The creator of this malware promotes its capabilities and makes it available to criminals for $100 per version. Unlike other macOS malware, it is not yet known how the “weed.dmg” file is distributed, but opening this DMG file is enough to infect a Mac.
The researchers explained that the malware collects the data, compresses it into a single zip file, sends the file, and then deletes it from the Mac. So far, Apple has not commented on this:
It is unclear whether MacStealer has been registered in the CVE.report database which tracks vulnerabilities and exposures, and Apple has not commented on the malware. Apple released updates to macOS Big Sur, Monterey, and Ventura on Monday, but based on the security notes, those updates don’t appear to include fixes for MacStealer.
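The collect, compress, send and delete sequence the researchers describe can be hunted for in endpoint telemetry. The following is an added example, not code from Uptycs or from the original article; the event schema, process names, paths, addresses and the 120-second window are all constructed assumptions.

```python
from collections import defaultdict

WINDOW = 120  # seconds; assumed correlation window, tune per environment

# Constructed endpoint events in a hypothetical schema (not a real EDR format).
EVENTS = [
    {"ts": 100, "pid": 611, "proc": "weed", "op": "create", "path": "/tmp/a1/out.zip"},
    {"ts": 104, "pid": 611, "proc": "weed", "op": "connect", "dest": "203.0.113.7:443"},
    {"ts": 106, "pid": 611, "proc": "weed", "op": "delete", "path": "/tmp/a1/out.zip"},
    # Benign: archive created, deleted much later, never sent anywhere.
    {"ts": 200, "pid": 702, "proc": "Archive Utility", "op": "create", "path": "/Users/a/docs.zip"},
    {"ts": 900, "pid": 702, "proc": "Archive Utility", "op": "delete", "path": "/Users/a/docs.zip"},
    # Benign: archive uploaded but kept on disk.
    {"ts": 300, "pid": 815, "proc": "backupd", "op": "create", "path": "/tmp/b.zip"},
    {"ts": 310, "pid": 815, "proc": "backupd", "op": "connect", "dest": "198.51.100.9:443"},
]

def find_stage_send_delete(events, window=WINDOW):
    """Alert when one process creates a .zip, opens an outbound connection,
    then deletes that same .zip, all within `window` seconds."""
    by_pid = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_pid[e["pid"]].append(e)
    alerts = []
    for pid, evs in by_pid.items():
        for i, created in enumerate(evs):
            path = created.get("path", "")
            if created["op"] != "create" or not path.lower().endswith(".zip"):
                continue
            sent = None
            for e in evs[i + 1:]:
                if e["ts"] - created["ts"] > window:
                    break  # too slow to be the stage-and-clean-up pattern
                if e["op"] == "connect" and sent is None:
                    sent = e
                elif e["op"] == "delete" and e.get("path") == path and sent:
                    alerts.append({"pid": pid, "proc": created["proc"],
                                   "archive": path, "dest": sent["dest"],
                                   "seconds": e["ts"] - created["ts"]})
                    break
    return alerts

if __name__ == "__main__":
    for alert in find_stage_send_delete(EVENTS):
        print(alert)
```

Only the first process is flagged: the other two either never send the archive or never delete it, which is what separates this pattern from ordinary archiving and backup activity.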
Although it poses a considerable risk, MacStealer is easily detected by Gatekeeper, which will block it on most Macs. The malware targets Macs running macOS Catalina or later, with Intel or Apple M-series chips.
Moreover, because it is distributed as an app called Weed with a marijuana icon, it probably won’t seem trustworthy to many users. But when it does not raise suspicion, it can only pursue its purpose if the user runs the application manually and then enters the Mac password to grant it access to system settings.
Undoubtedly, and although there are many warning signs that help users steer clear of this malware, its existence once again reminds us of the importance of downloading apps from the Mac App Store or from trusted developer websites.