MacStealer Malware Steals iCloud Keychain Data and Passwords
Originally Published 2 years ago — by The Hacker News
MacStealer is a new information-stealing malware that primarily affects macOS devices running Catalina and later on M1 and M2 CPUs. It uses Telegram as a command-and-control platform to exfiltrate data and can steal iCloud Keychain data, passwords, and credit card information from browsers like Google Chrome, Mozilla Firefox, and Brave. The malware is propagated as a DMG file and is still a work in progress, with the malware authors planning to add features to capture data from Apple's Safari browser and the Notes app. To mitigate such threats, it's recommended that users keep their operating system and security software up to date and avoid downloading files or clicking links from unknown sources.