#macsyncstealer — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #macsyncstealer, aggregated by home.social.
-
macOS: Why Apple-notarized malware is becoming a growing problem
Malware is increasingly appearing on macOS that launches unhindered despite Apple's protection mechanisms. The reason is apps that were correctly signed and notarized by Apple. https://www.apfeltalk.de/magazin/news/macos-warum-von-apple-beglaubigte-schadsoftware-zum-wachsenden-problem-wird/
#Mac #News #Sicherheit #Apple #Beglaubigung #CodeSignierung #Gatekeeper #Jamf #macOS #MacSyncStealer #Malware #Sicherheit
-
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I downloaded the fake installer for #MacSyncStealer from zkcall[.]net and ran it on a macOS host in my lab.
A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/index.html
Of note, the zkcall[.]net download page also has a link for a Windows download. The downloaded EXE file appears to be #DonutLoader, based on one of the follow-up EXE files it retrieved and ran: https://app.any.run/tasks/afd3ae74-2976-492b-a3c0-6e19e9127f68