• MacStealer: New macOS-based Stealer Malware Identified

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » MacStealer: New macOS-based Stealer Malware Identified

    • This topic has 2 replies, 3 voices, and was last updated 2 months ago.


    Uptycs has already identified three Windows-based malware families that use Telegram this year, including Titan Stealer, Parallax RAT, and HookSpoofer. Attackers are increasingly turning to it, particularly for stealer command and control (C2).

    And now the Uptycs threat research team has discovered a macOS stealer that also controls its operations over Telegram. We’ve dubbed it MacStealer.

    The threat actor who is distributing MacStealer was discovered by the Uptycs threat intelligence team during our dark web hunting. The stealer can extract documents, cookies from a victim’s browser, and login information. It affects Catalina and subsequent macOS versions riding on Intel M1 and M2 CPUs…

    The stealer exhibits the following capabilities:

    Collect the passwords, cookies, and credit card data from Firefox, Google Chrome, and Brave browsers
    Extract files (“.txt”, “.doc”, “.docx”, “.pdf”, “.xls”, “.xlsx”, “.ppt”, “.pptx”, “.jpg”, “.png”, “.csv”, “.bmp”, “.mp3”, “.zip”, “.rar”, “.py”, “.db”)
    Extract KeyChain database (base64 encoded)..

    A miscreant uses Telegram as a command and control platform to exfiltrate victims’ sensitive data…

    Viewing 0 reply threads
    • #2547176

      Theres another MacOS update sitting in updates I believe released today Big Sur 11.7.5 and Safari vers. 16.5.

      No word here if its to fix the above exploit or just the usual Monthly Release.  with the usual opacity on specific issues fixed therein.

      The usual dilemma, probably hold off installation, for now, here after last months fiasco with Big Sur wiping out all the favicons in Safari Start page brought a flurry of updates, or a relative flurry compared to M$, to fix the problem.


    Viewing 0 reply threads
    Reply To: MacStealer: New macOS-based Stealer Malware Identified

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: