This new macOS infostealer poses as an Apple crash reporting tool to try and steal all your valuable data



  • Jamf researchers uncover “CrashStealer,” a notarized macOS infostealer disguised as Apple’s CrashReporter
  • Distributed via a fake site called “Werkbit Setup”, it bypasses Gatekeeper, installs a LaunchAgent
  • It then uses a fake password prompt to unlock Keychain, exfiltrating credentials, cookies, files, and data from 80 crypto wallets and 14 password managers

A new macOS infostealer has been spotted in the wild, masquerading as an Apple crash reporting tool, experts have warned.

Called CrashStealer, this C++ infostealer was designed to nab login credentials, keychain information, as well as data related to more than 80 cryptocurrency wallets.

https://cdn.mos.cms.futurecdn.net/ctJuqMRzZN6mdeA4UPgdTd-1920-80.jpg



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img