Cybersecurity firm SlowMist has identified an active macOS malware strain, 'MacSync Stealer' (v1.1.2), that targets cryptocurrency wallets and user credentials. The malware can steal browser credentials, system keychains, and infrastructure keys such as SSH, AWS, and K8s. It tricks users into entering their login passwords through fake AppleScript pop-ups and displays a false 'Not Supported' error after data exfiltration. SlowMist has shared indicators of compromise (IOCs) with its clients and advises against executing unverified scripts or responding to unusual password prompts.
SlowMist Identifies 'MacSync Stealer' Malware Targeting macOS Users
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct your own research and consult with a qualified financial advisor before making any investment decisions.
