#macos-malware — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #macos-malware, aggregated by home.social.
-
Jinx-0164 Targets Crypto Developers with Custom macOS Malware
Beware of fake meetings on LinkedIn - cyber attackers are using them to trick crypto developers into installing custom macOS malware called Audiofix, which can steal sensitive info like passwords, SSH keys, and cryptocurrency wallet details. This sneaky malware is disguised as an audio fix, but its real goal is to harvest your valuable data.
#Jinx0164 #MacosMalware #Crypto #SupplyChain #EmergingThreats
-
JINX-0164 Exploits Crypto Firms with Fake Recruiter Lures and macOS Malware
Meet JINX-0164, a cunning threat actor who's been targeting crypto developers with clever fake recruiter lures and custom macOS malware since mid-2025. By impersonating credible LinkedIn profiles and posing as recruiters, they've been tricking victims into virtual meetings that lead to rogue domains.
#Jinx0164 #MacosMalware #CryptoFirms #SocialEngineering #FinanciallyMotivatedThreatActor
-
North Korean hackers use new macOS malware in crypto-theft attacks
#Northkoreanhackers #Macosmalware https://opr.news/6f20d50260210en_us?link=1&client=ex_global
-
XCSSET Malware Mutates Again, Expands Its Reach to Firefox and Crypto Theft https://thecyberexpress.com/xcsset-malware-mutates-to-reach-firefox/ #FirewallDaily #macOSmalware #CyberNews #XCSSET #macOS
-
New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions https://www.securityweek.com/new-xcsset-macos-malware-variant-hijacks-cryptocurrency-transactions/ #Malware&Threats #cryptojacking #macOSmalware #malware #XCSSET
-
Xcode devs, beware: a new macOS malware variant is sneaking into projects by disguising itself as a trusted app—and even hijacking clipboard crypto transactions. Curious how it evades detection?
#xcsset
#macosmalware
#xcode
#supplychainattack
#cybersecurity
#malwareanalysis
#obfuscation
#cryptotheft
#browsersecurity
-
Widespread Infostealer Campaign Targeting macOS Users https://www.securityweek.com/widespread-infostealer-campaign-targeting-macos-users/ #Malware&Threats #macOSmalware #infostealer #Featured #AMOS
-
Hundreds Targeted in New Atomic macOS Stealer Campaign https://www.securityweek.com/hundreds-targeted-in-new-atomic-macos-stealer-campaign/ #Malware&Threats #macOSmalware #SHAMOS #AMOS
-
Moonlock analysed Mac.c stealer, a new rival to AMOS. Learn its tactics, code reuse, and "building in public" strategy. https://hackernoon.com/macc-stealer-takes-on-amos-a-new-rival-shakes-up-the-macos-infostealer-market #macosmalware
-
New "NimDoor" malware attacks macOS users
The SentinelLabs team has disclosed a hacking campaign run by a group linked to North Korea (DPRK) that uses fake Zoom invitations to infect Mac computers with malware named NimDoor.
It is one of the most advanced attacks on macOS, aimed mainly at startups in the Web3 and cryptocurrency sector.
How does the attack work?
- Impersonating an acquaintance on Telegram: the victim is invited to a meeting via Calendly.
- The e-mail contains a fake link to a Zoom SDK update; it contains a file with more than 10,000 empty lines of code to hide its function.
- Once run, the malware:
  - establishes an encrypted connection over WebSocket Secure (wss) to the controlling server,
  - maintains access after a system restart, using SIGINT/SIGTERM signals,
  - exports data from the Keychain, browsers and Telegram using Bash scripts,
  - uses AppleScript and the Nim language, which is rare in macOS malware.
What makes NimDoor unique? It uses the Nim language, which is more complex and less detected than the typical Go, Python or Bash. It also introduces a new persistence technique that works even after a system restart. In addition, it has an elaborate infection chain, from social engineering to multi-stage backdoors.
The fake update file contains hidden code, making analysis and detection harder.
How to protect yourself?
- Do not download Zoom updates (or other applications) from outside official sources.
- Report suspicious meeting invitations received via Telegram or e-mail.
- Regularly update macOS and security software.
- Use a password manager and two-step verification.
#AppleScriptMalware #atakNaWeb3 #BashExfiltration #fakeZoomSDK #hakerzyZKoreiPółnocnej #kryptowalutyBezpieczeństwo #macOSMalware #macOSSpyware2025 #macOSZabezpieczenia #malwareNim #NimDoor #SentinelLabsRaport #zagrożeniaDlaStartupów #ZoomFałszywaAktualizacja
-
macOS Users Warned of New Versions of ReaderUpdate Malware – Source: www.securityweek.com https://ciso2ciso.com/macos-users-warned-of-new-versions-of-readerupdate-malware-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #securityweekcom #macOSmalware #ReaderUpdate #securityweek #Malware #adware
-
macOS Users Warned of New Versions of ReaderUpdate Malware https://www.securityweek.com/macos-users-warned-of-new-versions-of-readerupdate-malware/ #Malware&Threats #macOSmalware #ReaderUpdate #malware #adware
-
Albabat Ransomware Expands Targets, Abuses GitHub – Source: www.securityweek.com https://ciso2ciso.com/albabat-ransomware-expands-targets-abuses-github-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #securityweekcom #Linuxmalware #macOSmalware #securityweek #ransomware #Albabat
-
Albabat Ransomware Expands Targets, Abuses GitHub https://www.securityweek.com/albabat-ransomware-expands-targets-abuses-github/ #Linuxmalware #macOSmalware #Ransomware #ransomware #Albabat
-
New FrigidStealer macOS Malware Distributed as Fake Browser Update https://www.securityweek.com/new-frigidstealer-macos-malware-distributed-as-fake-browser-update/ #Malware&Threats #FrigidStealer #macOSmalware #malware
-
Microsoft Warns of Improved XCSSET macOS Malware – Source: www.securityweek.com https://ciso2ciso.com/microsoft-warns-of-improved-xcsset-macos-malware-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #securityweekcom #macOSmalware #securityweek #Malware #XCSSET
-
Microsoft Warns of Improved XCSSET macOS Malware https://www.securityweek.com/microsoft-warns-of-improvements-to-xcsset-macos-malware/ #Malware&Threats #macOSmalware #malware #XCSSET
-
22 New Mac Malware Families Seen in 2024 https://www.securityweek.com/22-new-mac-malware-families-seen-in-2024/ #Malware&Threats #macOSmalware #malware
-
Objective by the Sea slides/recordings are posted to their site. Check it out for great research on all things macOS security.
-
Banshee macOS Malware Expands Targeting – Source: www.securityweek.com https://ciso2ciso.com/banshee-macos-malware-expands-targeting-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Malware&Threats #securityweekcom #Bansheestealer #macOSmalware #securityweek #Malware
-
Banshee macOS Malware Expands Targeting https://www.securityweek.com/banshee-macos-malware-expands-target-list/ #Malware&Threats #Bansheestealer #macOSmalware #malware
-
📬 Banshee Stealer source code leaked: macOS malware rendered harmless
#ITSicherheit #Malware #BansheeStealer #ElasticSecurityLabs #macOS #macOSMalware #QuellcodeLeak #VXUnderground https://sc.tarnkappe.info/ad2a32
-
North Korean malware evades Apple notarization, targets macOS users - The newly discovered malware is interesting for being the first of its k... - https://cointelegraph.com/news/north-korean-malware-bypasses-apple-security #northkoreacryptohacks #northkoreanhackers #applenotarization #jamfthreatlabs #malwareevasion #fluttermalware #applesecurity #cryptomalware #macosmalware #dprkmalware
-
New MacOS Malware Let Attackers Control The Device Remotely https://cybersecuritynews.com/macos-malware-control-device-remotely/ #CybersecurityThreats #RemoteAccessTrojan #CyberSecurityNews #macosmalware #Malware #macOS
-
New macOS malware disguises itself as popular apps and steals data
Security researchers have discovered a new macOS malware that aims to steal users' most sensitive data. The malwa
https://www.apfeltalk.de/magazin/news/neue-macos-malware-tarnt-sich-als-beliebte-apps-und-stiehlt-daten/
#Mac #News #CthulhuStealer #Cyberkriminalitt #Datensicherheit #Gatekeeper #iCloudSchlsselbund #MacAppStore #MacOSMalware #MacOSSequoia #MalwareSchutz #Sicherheitsbedrohungen
-
📬 XLoader: macOS malware disguises itself as OfficeNote application
#ITSicherheit #Malware #DineshDevadoss #Formbook #Keylogger #macOS #macOSMalware #OfficeNote #PhilStokes #SentinelOne #XLoader https://tarnkappe.info/artikel/it-sicherheit/xloader-macos-malware-tarnt-sich-als-officenote-anwendung-279902.html
-
🚨 New macOS malware "Realst" targets cryptocurrency wallets 🚨
Fake blockchain games like Brawl Earth & WildWorld distribute malware on social media. Realst steals data from web browsers & crypto wallets, sending it back to threat actors. Over 16 variants of Realst discovered, actively evolving. Beware of Discord & "verified" Twitter accounts promoting games. Stay vigilant, protect your crypto!
The article discusses a new Mac malware named 'Realst' that is being used in a massive campaign targeting Apple computers. Some of its latest variants include support for macOS 14 Sonoma, which is still in development.
Key Points:
The malware is distributed to both Windows and macOS users in the form of fake blockchain games.
These games are promoted on social media, with the threat actors using direct messages to share access codes required to download the fake game client from associated websites.
The game installers infect devices with information-stealing malware, such as RedLine Stealer on Windows and Realst on macOS.
This type of malware will steal data from the victim's web browsers and cryptocurrency wallet apps and send them back to the threat actors.
SentinelOne analyzed 59 Mach-O samples of the Realst malware and found several distinct differences. This allowed the researchers to identify 16 variants of the macOS malware, a sign of active and rapid development.
The malware targets Firefox, Chrome, Opera, Brave, Vivaldi, and the Telegram app, but none of the analyzed Realst samples target Safari.
The 16 distinct variants are categorized into four main families based on their traits, namely A, B, C, and D.
Roughly 30% of the samples from families A, B, and D contain strings that target the upcoming macOS 14 Sonoma.
MacOS users are advised to be cautious with blockchain games, as those distributing Realst use Discord channels and "verified" Twitter accounts to create a false image of legitimacy.
The main goal is likely to steal crypto wallets and the funds within them, leading to costly attacks.
This summary is based on an article from BleepingComputer titled 'New Realst macOS malware steals your cryptocurrency wallets'. You can find it here: https://www.bleepingcomputer.com/news/security/new-realst-macos-malware-steals-your-cryptocurrency-wallets/
#CyberSecurity #Malware #Cryptocurrency #MacOSMalware #Realst #CyberThreat #Cryptowallets #SecurityAlert