While macOS doesn’t have as big of a target on its back for hackers as Windows, it isn’t actually immune from malware and a new threat has emerged for modern Macs.
The aptly named MacStealer malware targets macOS laptops and desktops running macOS Catalina or above. That includes those running Intel, M1, or M2 chips. The goal is to steal a wide variety of data from you including iCloud Keychain data, credit card info, passwords, files, images, and more (via The Hacker News).
How does MacStealer work?
The Uptycs researchers that discovered the malware and covered it in their blog were unable to determine how it is being distributed, but it relies on a DMG (macOS installer file) called weed.dmg, which once triggered will open a password prompt that can then be used to gain access to your data.
The malware was spotted in online hacking forums earlier this month and its authors intend to expand on its current features to add support for capturing data from the Safari browser and Apple Notes app. It is currently focused on Google Chrome, Mozilla Firefox, Brave browsers, Microsoft Office files, image files, PDFs, archives, and Python scripts.
How to protect your Mac from MacStealer
There’s not a magic bullet patch or fix for this malware yet, so prevention is the best defense you have. That means you should make sure to keep your macOS laptop or desktop software as up-to-date as possible and avoid installing any software from outside of the App Store unless it is from a trusted source.
