Malware

Security researchers have discovered new macOS malware that’s built to steal your most sensitive data. Dubbed ‘Cthulhu Stealer,’ the malware targets users by impersonating popular apps so it can harvest your system password, iCloud Keychain passwords, cryptocurrency wallets, and more.

A “sophisticated and alarming” Mac malware attack is being carried out in the guise of free versions of popular apps like the screen recording utility Loom, cryptocurrency manager LedgerLive, and MMO game Black Desert Online.

It appears to be a well-organized attack, with the fake Mac app offers promoted through a combination of legitimate-looking Google ads and phishing emails …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Security researchers have identified an attempt by state-sponsored hackers from North Korea (DPRK) to target Mac users with infostealer malware through a trojanized meeting app.

Once infected, the malware would establish a connection between the Mac and the attacker’s command and control (C2) server to exfiltrate sensitive data like iCloud Keychain credentials. It was also found to quietly install the remote desktop application AnyDesk and keylogging software in the background to take over machines and collect keystrokes.

It is a long-standing misconception that Macs are impervious to malware. This has never been the case. And while Apple might secretly hope people continue the preconceived notion, Mac users continue to be caught off guard by cybercriminals whose attack methods are becoming increasingly sophisticated. Below, you’ll find the most common macOS malware strains in 2024…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Kaspersky, the renowned Russian cybersecurity firm, made headlines at this time last year after uncovering an attack chain using four iOS zero-day vulnerabilities to create a zero-click exploit. Kaspersky was able to identify and report one of the vulnerabilities to Apple. However, in an unfortunate update, Apple reportedly refuses to pay the security bounty for the firm’s contribution.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Some of us are old enough to remember the days when malware was strictly a Windows problem. Macs were more secure by design, but another key factor was that there weren’t enough of them in use to make Mac malware a sensible use of time for attackers.

With Macs now very much a mainstream choice for consumers and businesses alike, they’ve also become a far more attractive target for cybercriminals – and Mac malware is a real and growing problem …

Ever wonder what malware macOS can detect and remove without help from third-party software? Apple continuously adds new malware detection rules to Mac’s built-in XProtect suite. While most of the rule names (signatures) are obfuscated, with a bit of reversing engineering, security researchers can map them to their common industry names. See what malware your Mac can remove below!

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Following the release of new betas last week, Apple snuck out one of the most significant updates to XProtect I’ve ever seen. The macOS malware detection tool added 74 new Yara detection rules, all aimed at a single threat, Adload. So what is it exactly, and why does Apple see it as such an issue?

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Email security today has many shortcomings. It is widely known that email service providers cannot prevent every suspicious email from being received. However, a new study by web browser security startup SquareX reveals how little companies are doing to block malicious attachments and protect users.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

During an analysis of various splinter samples of a noteworthy macOS stealer, security researchers at Moonlock discovered one with an alarming level of sophistication. Under the disguise of the unreleased video game GTA 6, once installed, the malware executes rather clever techniques to extract sensitive information, such as passwords from a user’s local Keychain.

In typical Security Bite fashion, here’s the breakdown: how it works and how to stay safe.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Security researchers at Moonlock, the relatively new cybersecurity wing of MacPaw, have detected a new strain of macOS malware disguised as a legitimate Mac app that can destroy itself in certain conditions. At its worst, it can unknowingly extract cookies from Safari and Chrome, contacts from Address Book, and passwords from installed password managers. Meet Empire Transfer…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Security researchers have detected a new strain of malware hidden in some commonly pirated macOS applications. Once installed, the apps unknowingly execute trojan-like malware in the background of a user’s Mac. What happens from here is nothing good…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Macs are more protected from malicious software like viruses, Trojans, adware, etc. than Windows and Linux. However, they aren’t immune, and more and more malware is being designed specifically for Mac. Whether you just want to do a checkup or think your (or someone else’s) machine might be affected, here’s a look at 6 valuable malware/virus scanner Mac tools including free and paid options.

Security researchers have pulled the curtain back on what appears to be a variant of the infamous RustBucket malware that targets macOS systems. What was first detected earlier in April, a new report from Jamf Threat Labs highlights how this attack continues to evolve and who its potential targets may be.

Following its 2023 State of Malware report back in February, Malwarebytes is out with its yearly State of Ransomware study. As attacks continue to grow, the US saw 7 times more ransomware incidents than the second most attacked country. Here are the details of what the report found.

Back in March, we saw a piece of malware surface for macOS called MacStealer that’s able to compromise iCloud Keychain passwords, credit card information, files, and more. Now a new malware called Atomic macOS Stealer is being sold as a service to malicious parties that may be more threatening.

So far this year we’ve seen a few reports about malware that’s affecting Macs. Now Elastic Security Labs has released its spring 2023 Global Threat Report. It offers a big-picture look at the state of malware including how often it’s impacting Mac vs Windows and Linux, the most common malware overall, the most common malware on Mac, and more.

Security researchers have identified a new piece of Mac malware, which they’ve dubbed MacStealer. The malware extracts your iCloud passwords, a wide variety of files, and credit card details stored in browsers.

The good news, however, is that you’d have to be very naive to fall victim to it …

Update: Apple has now commented on the findings – see the end of the piece.

Cybersecurity company Jamf Threat Labs has found Mac cryptomining malware in pirate copies of Final Cut Pro. The firm says that the cryptojacking malware was particularly well hidden, and not detected by most Mac security apps.

Jamf also warned that the power of Apple Silicon Macs is going to make them increasingly popular targets for cryptojacking – where malware uses your machine’s considerable processing power to mine cryptocurrencies for the benefit of attackers …

Malwarebytes has released its latest report digging into the state of malware in 2023. The findings include recent key security developments, 5 cyber threat archetypes to watch out for this year, what type of malware was found most on Macs, and more.

A nasty piece of Mac malware is being actively used in the wild to capture personal data from Macs. Security researchers say that CloudMensis spyware can allow an attacker to download files, capture keystrokes, take screengrabs, and more.

Cybersecurity firm ESET says that the spyware has been in active use since February, and appears to be targeting specific individuals …