#macsyncstealer — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #macsyncstealer, aggregated by home.social.
-
Malicious Homebrew ads are spreading MacSync stealer
#Homebrew #MacSyncStealer
https://moonlock.com/homebrew-ads-spreading-macsync -
2026-05-08 (Friday): Fake Homebrew page on nycaihong[.]com.
Possibly distributing #MacSyncStealer using an initial loader from hxxp[:]//longbeachmartialarts[.]com/curl/116f3b0bd8053eead15479f4b04bd2d9bc050f282eceeec87fd7908458ad3abe
-
Evil evolution: ClickFix and macOS infostealers
#MacSyncStealer
https://www.sophos.com/en-us/blog/evil-evolution-clickfix-and-macos-infostealers -
Infostealers without borders: macOS, Python stealers, and platform abuse
#DigitStealer #MacSyncStealer #AtomicStealer #PXAStealer
https://www.microsoft.com/en-us/security/blog/2026/02/02/infostealers-without-borders-macos-python-stealers-and-platform-abuse/ -
Infostealers without borders: macOS, Python stealers, and platform abuse
#DigitStealer #MacSyncStealer #AtomicStealer #PXAStealer
https://www.microsoft.com/en-us/security/blog/2026/02/02/infostealers-without-borders-macos-python-stealers-and-platform-abuse/ -
Infostealers without borders: macOS, Python stealers, and platform abuse
#DigitStealer #MacSyncStealer #AtomicStealer #PXAStealer
https://www.microsoft.com/en-us/security/blog/2026/02/02/infostealers-without-borders-macos-python-stealers-and-platform-abuse/ -
Infostealers without borders: macOS, Python stealers, and platform abuse
#DigitStealer #MacSyncStealer #AtomicStealer #PXAStealer
https://www.microsoft.com/en-us/security/blog/2026/02/02/infostealers-without-borders-macos-python-stealers-and-platform-abuse/ -
Infostealers without borders: macOS, Python stealers, and platform abuse
#DigitStealer #MacSyncStealer #AtomicStealer #PXAStealer
https://www.microsoft.com/en-us/security/blog/2026/02/02/infostealers-without-borders-macos-python-stealers-and-platform-abuse/ -
MacSync Stealer Returns: SEO Poisoning and Fake GitHub Repositories Target macOS Users
#MacSyncStealer
https://daylight.ai/blog/macsync-stealer-returns-seo-poisoning -
macOS: Warum von Apple beglaubigte Schadsoftware zum wachsenden Problem wird
Unter macOS taucht zunehmend Schadsoftware auf, die trotz Apples Schutzmechanismen ungehindert startet. Grund sind Apps, die korrekt signiert und von Apple beglaubigt wurden.https://www.apfeltalk.de/magazin/news/macos-warum-von-apple-beglaubigte-schadsoftware-zum-wachsenden-problem-wird/
#Mac #News #Sicherheit #Apple #Beglaubigung #CodeSignierung #Gatekeeper #Jamf #macOS #MacSyncStealer #Malware #Sicherheit -
macOS: Warum von Apple beglaubigte Schadsoftware zum wachsenden Problem wird
Unter macOS taucht zunehmend Schadsoftware auf, die trotz Apples Schutzmechanismen ungehindert startet. Grund sind Apps, die korrekt signiert und von Apple beglaubigt wurden.https://www.apfeltalk.de/magazin/news/macos-warum-von-apple-beglaubigte-schadsoftware-zum-wachsenden-problem-wird/
#Mac #News #Sicherheit #Apple #Beglaubigung #CodeSignierung #Gatekeeper #Jamf #macOS #MacSyncStealer #Malware #Sicherheit -
macOS: Warum von Apple beglaubigte Schadsoftware zum wachsenden Problem wird
Unter macOS taucht zunehmend Schadsoftware auf, die trotz Apples Schutzmechanismen ungehindert startet. Grund sind Apps, die korrekt signiert und von Apple beglaubigt wurden.https://www.apfeltalk.de/magazin/news/macos-warum-von-apple-beglaubigte-schadsoftware-zum-wachsenden-problem-wird/
#Mac #News #Sicherheit #Apple #Beglaubigung #CodeSignierung #Gatekeeper #Jamf #macOS #MacSyncStealer #Malware #Sicherheit -
macOS: Warum von Apple beglaubigte Schadsoftware zum wachsenden Problem wird
Unter macOS taucht zunehmend Schadsoftware auf, die trotz Apples Schutzmechanismen ungehindert startet. Grund sind Apps, die korrekt signiert und von Apple beglaubigt wurden.https://www.apfeltalk.de/magazin/news/macos-warum-von-apple-beglaubigte-schadsoftware-zum-wachsenden-problem-wird/
#Mac #News #Sicherheit #Apple #Beglaubigung #CodeSignierung #Gatekeeper #Jamf #macOS #MacSyncStealer #Malware #Sicherheit -
macOS: Warum von Apple beglaubigte Schadsoftware zum wachsenden Problem wird
Unter macOS taucht zunehmend Schadsoftware auf, die trotz Apples Schutzmechanismen ungehindert startet. Grund sind Apps, die korrekt signiert und von Apple beglaubigt wurden.https://www.apfeltalk.de/magazin/news/macos-warum-von-apple-beglaubigte-schadsoftware-zum-wachsenden-problem-wird/
#Mac #News #Sicherheit #Apple #Beglaubigung #CodeSignierung #Gatekeeper #Jamf #macOS #MacSyncStealer #Malware #Sicherheit -
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I downloaded the fake installer for #MacSyncStealer from zkcall[.]net and ran it on a macOS host in my lab.
A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/index.html
Of note, the zkcall[.]net download page also has a link for a Windows download. The downloaded EXE file appears to be #DonutLoader, based on one of the follow-up EXE files it retrieved and ran: https://app.any.run/tasks/afd3ae74-2976-492b-a3c0-6e19e9127f68
-
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I downloaded the fake installer for #MacSyncStealer from zkcall[.]net and ran it on a macOS host in my lab.
A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/index.html
Of note, the zkcall[.]net download page also has a link for a Windows download. The downloaded EXE file appears to be #DonutLoader, based on one of the follow-up EXE files it retrieved and ran: https://app.any.run/tasks/afd3ae74-2976-492b-a3c0-6e19e9127f68
-
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I downloaded the fake installer for #MacSyncStealer from zkcall[.]net and ran it on a macOS host in my lab.
A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/index.html
Of note, the zkcall[.]net download page also has a link for a Windows download. The downloaded EXE file appears to be #DonutLoader, based on one of the follow-up EXE files it retrieved and ran: https://app.any.run/tasks/afd3ae74-2976-492b-a3c0-6e19e9127f68
-
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I downloaded the fake installer for #MacSyncStealer from zkcall[.]net and ran it on a macOS host in my lab.
A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/index.html
Of note, the zkcall[.]net download page also has a link for a Windows download. The downloaded EXE file appears to be #DonutLoader, based on one of the follow-up EXE files it retrieved and ran: https://app.any.run/tasks/afd3ae74-2976-492b-a3c0-6e19e9127f68
-
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I downloaded the fake installer for #MacSyncStealer from zkcall[.]net and ran it on a macOS host in my lab.
A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/index.html
Of note, the zkcall[.]net download page also has a link for a Windows download. The downloaded EXE file appears to be #DonutLoader, based on one of the follow-up EXE files it retrieved and ran: https://app.any.run/tasks/afd3ae74-2976-492b-a3c0-6e19e9127f68
-
Macbook users watch out! New MacSync Stealer malware is slipping past Apple’s notarization, disguised as a trusted app and stealing saved passwords from macOS devices, experts warn.
Read: https://hackread.com/macsync-stealer-mac-app-saved-passwords/
-
New Mac malware just dropped!
MacSync Stealer variant bypasses Apple malware protections
#MacSyncStealer #Apple #Mac #Malware #Vulnerability #Security #Privacy #Tech