New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

August 16, 2024 at 05:27AM

Cybersecurity researchers have discovered Banshee Stealer, a new malware targeting Apple macOS systems, being sold for $3,000 a month. It attacks various browsers, cryptocurrency wallets, and around 100 extensions, harvesting data and employing anti-detection measures. This follows the emergence of other macOS and Windows-based stealers, signaling the rise of platform-specific malware threats.

Key takeaways:

– New Banshee Stealer malware targeting Apple macOS systems has been discovered, being sold in the cybercrime underground for $3,000 a month.
– Banshee Stealer can target a wide range of browsers, cryptocurrency wallets, and browser extensions, posing a versatile and dangerous threat.
– The malware can harvest system information, iCloud Keychain passwords and Notes, and features anti-analysis and anti-debugging measures.
– It avoids infecting systems where Russian is the primary language and leverages osascript to display a fake password prompt for privilege escalation.
– It can collect data from specific file extensions and exfiltrate the gathered data to a remote server.
– macOS is increasingly becoming a prime target for cybercriminals, as the rise of macOS-specific malware shows.

Additionally, another macOS stealer strain that leverages SwiftUI and Apple’s Open Directory APIs has been detailed; it displays a fake password prompt to capture and verify user passwords during installation.

The emergence of new Windows-based stealers and phishing emails targeting Israeli users were also noted.
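For defenders, the osascript fake password prompt noted in the takeaways can be hunted in process-execution telemetry. The sketch below is an added example, not code from the article or from the researchers; the event fields, paths, dialog text and severity labels are constructed, and it assumes the prompt is passed as an inline `-e` script using AppleScript's `display dialog ... with hidden answer`.

```python
import os
import re
import shlex

DIALOG = re.compile(r"display\s+dialog", re.I)
HIDDEN = re.compile(r"hidden\s+answer", re.I)      # masks typed characters
PASSWORD = re.compile(r"passw(or)?d", re.I)
SHELLS = {"sh", "bash", "zsh"}

def unwrap(argv):
    """Return the command actually run, unwrapping `sh -c "<command>"`."""
    if len(argv) >= 3 and os.path.basename(argv[0]) in SHELLS and argv[1] == "-c":
        try:
            return shlex.split(argv[2])
        except ValueError:  # unbalanced quotes: keep the raw argv
            return argv
    return argv

def score_event(event):
    """Flag osascript runs whose inline script asks for masked input."""
    argv = unwrap(event["argv"])
    if not argv or os.path.basename(argv[0]) != "osascript":
        return None
    script = "\n".join(argv[i + 1] for i, a in enumerate(argv[:-1]) if a == "-e")
    if not (DIALOG.search(script) and HIDDEN.search(script)):
        return None
    severity = "high" if PASSWORD.search(script) else "medium"
    return {"pid": event["pid"], "parent": event["parent"], "severity": severity}

def detect(events):
    return [hit for hit in map(score_event, events) if hit]

# Constructed process-execution events; field names, paths and text are made up.
PROMPT = 'display dialog "{}" default answer "" with hidden answer'
SAMPLE_EVENTS = [
    {"pid": 4101, "parent": "/Users/alice/Downloads/Updater.app/Contents/MacOS/Updater",
     "argv": ["osascript", "-e", PROMPT.format("macOS needs your password")]},
    {"pid": 4102, "parent": "/bin/zsh",
     "argv": ["osascript", "-e", 'display dialog "Build finished" buttons {"OK"}']},
    {"pid": 4103, "parent": "/Users/alice/Library/tool",
     "argv": ["/bin/sh", "-c", "osascript -e '" + PROMPT.format("Enter password") + "'"]},
    {"pid": 4104, "parent": "/usr/bin/python3",
     "argv": ["/usr/bin/osascript", "-e", PROMPT.format("Enter the PIN")]},
]

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(hit)
```

Scripts supplied as a file or on standard input carry no `-e` text and are not covered by this check; those need the script content itself or the parent process as the signal.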
