Beware of new MacStealer malware that can steal your iCloud keychain data and passwords

Mac computers are the latest targets of new info-stealing malware, according to a report from the cybersecurity firm Uptycs, which located it while searching for threats on the dark web. The dark web is notorious for being a hub for illegal activities and a breeding ground for new malware, so it’s not surprising that cybercriminals are actively targeting Mac computers. Here’s everything we know so far.

What does the new malware do?

The new malware is called MacStealer, and it is capable of stealing sensitive data stored in iCloud Keychains, including passwords and credit card information. How these hackers are spreading the malware is still unknown; however, it is likely being spread on fake websites or sent via phishing emails. All that is known is that the malware appears as a DMG file.

A variety of Mac browsers are being attacked, including Google Chrome, Mozilla Firefox, and Brave. The malware can also harvest Microsoft Office files, images, archives, and Python scripts from infected Macs.

Once MacStealer infects a Mac device, it opens a fake password prompt for users trying to gain access to their System Settings app. Instead of granting access to the app, the malware begins harvesting the user’s credentials. It then uses the encrypted messaging app Telegram to send the stolen data back to a command and control server operated by the hackers distributing this malware.

A hacking forum where the MacStealer creators have been regularly discussing the malware has revealed that the cybercriminals want to add even more new features, including the ability to capture data from Apple’s Safari browser and its Notes app.

How do I keep my Mac safe?

Update your software

One thing you can do right now is open the Settings app on your Mac computer and make sure that you have the most recent software update installed. If you do not, install it right now. Apple is always making improvements to the security of its devices, so you must make sure all your Apple devices are always up to date. Word of caution: always back up your Mac so you can reinstall should there be any issues with the update.

Have good antivirus software on all your devices

Antivirus software will protect you from accidentally clicking malicious links and will remove any malware from your devices. My #1 recommendation is TotalAV, and you can now get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package. Read my review for best antivirus software here.

Be careful what emails you open and which links you click

Avoid opening emails from unknown senders and downloading any attachments they may contain.

Also avoid clicking on any links within an email without first inspecting them to see where they will take you.


Have you seen any suspicious activity on your Mac? Let us know below.

 


21 comments

Richard Losch April 1, 2023 - 9:43 am
Every day I get one or two emails telling me that I have won something (usually something quite expensive). All I have to do is click on the CLAIM NOW link (as if I ever would).