Tag: macos malware
8 articles

macOS Malware Exploits User Trust to Steal Sensitive Data
Beware of a sneaky new macOS malware that tricks you into stealing your own sensitive data - all it needs is for you to paste a single command into Terminal. Dubbed ClickLock Stealer, this clever con artist has already duped at least 100 victims across 33 countries.

macOS Stealer Uses Coercion Loop to Force Password Entry
A new macOS stealer malware has hit over 100 victims across 33 countries in just two months, with a clever coercion loop trick that forces users to enter their passwords. The attack starts with a simple paste-and-run lure, where victims unknowingly paste a command into Terminal after visiting a malicious webpage.

MacOS Malware Exploits Legitimate Developer ID to Steal Login Credentials
Researchers at Jamf Threat Labs uncovered a sneaky new macOS malware, dubbed CrashStealer, that uses a clever disguise to steal sensitive login credentials and other personal data. This cunning malware masquerades as a legitimate Apple component to quietly harvest its victims' information.

Malware Disguises as Apple Tool to Steal macOS Credentials
Beware of a sneaky malware that's masquerading as a legitimate Apple tool to steal your macOS credentials! This malicious software, known as CrashStealer, can infiltrate your password managers and even target over 80 browser-based cryptocurrency wallets.

macOS Malware CrashStealer Exploits Notarization to Evade Gatekeeper Checks
Meet CrashStealer, a sneaky new macOS malware that uses clever tactics to evade detection, including validation of the victim's login password to harvest sensitive data. This native C++ stealer quietly fetches a second-stage payload to steal a broad range of secrets from compromised machines.

macOS Malware Embeds Fake Errors to Evade AI Analysis
Meet macOS.Gaslight, a sneaky new malware family from a North Korean-linked threat actor that's got a clever trick up its sleeve - embedding 38 fake system messages to throw off AI analysis tools. This tiny 3.5 KB payload is packed with deception, making it a formidable foe for cybersecurity experts.

Jinx-0164 Targets Crypto Developers with Custom macOS Malware
Beware of fake meetings on LinkedIn - cyber attackers are using them to trick crypto developers into installing custom macOS malware called Audiofix, which can steal sensitive info like passwords, SSH keys, and cryptocurrency wallet details. This sneaky malware is disguised as an audio fix, but its real goal is to harvest your valuable data.

JINX-0164 Exploits Crypto Firms with Fake Recruiter Lures and macOS Malware
Meet JINX-0164, a cunning threat actor who's been targeting crypto developers with clever fake recruiter lures and custom macOS malware since mid-2025. By impersonating credible LinkedIn profiles and posing as recruiters, they've been tricking victims into virtual meetings that lead to rogue domains.