Subj : This new macOS malware is targeting iCloud Keychain to steal all
To   : All
From : TechnologyDaily
Date : Tue Mar 28 2023 14:00:03

This new macOS malware is targeting iCloud Keychain to steal all your details

Date: Tue, 28 Mar 2023 12:45:03 +0000

Description: New macOS malware sold on the dark web for as little as $100.

FULL STORY
======================================================================

Security experts have warned macOS users about a new piece of malware being advertised on the dark web that seeks to exfiltrate sensitive data, such as passwords, cryptocurrency wallet information, and similar.

Cybersecurity researchers from the Uptycs threat research team recently spotted a threat actor advertising their new product on the dark web, with the explicit aim of targeting macOS users. The malware is being sold for $100, with the criminals claiming they're offering such a competitive price because the product is still in early development stages and doesn't have a builder or panel.

Stealing passwords

Instead, users can get a pre-built DMG payload for different versions of macOS: Catalina, Big Sur, Monterey, and Ventura (the latter is the latest macOS version). Those who choose to purchase MacStealer must then find a way to distribute it to their victims, as the developer only sells the malware.

Victims who run the malicious executable will be prompted with a fake password popup, through which they'd give MacStealer permission to collect sensitive information from the compromised endpoint.
That being said, the tool is able to do quite a few things, including stealing account passwords, cookies, and credit card details stored in popular browsers such as Firefox, Chrome, or Brave; exfiltrating the Keychain database in base64-encoded form; gathering system information; gathering Keychain password information; and grabbing data from some of the most popular cryptocurrency wallets (MetaMask, Exodus, Tron, Binance, and others).

Once it collects all of the information it needs, it compresses it into a .ZIP file and mails it back to its command & control server. Furthermore, it sends basic data to the malware operator's pre-configured Telegram channel, notifying them of the successful operation.

macOS malware isn't that common, but it does happen. Last month, BleepingComputer reminds, security researchers discovered such malware in a phishing campaign targeting The Sandbox players. This malware also hunted for information stored in browsers, as well as cryptocurrency wallet information.

Via: BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/news/this-new-macos-malware-is-targeting-icloud-keychain-to-steal-all-your-details

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)