Apple’s Macs are generally considered more secure than Windows PCs, but they’re not immune to hacker attacks. While many incidents have proven that Macs are not impenetrable, a new incident has recently been added to the list. Security researchers have discovered a new variant of stealer malware that targets browser credentials, cryptocurrency wallets, and other personal data. This malware was also reported on in 2024. Previously, it relied on macOS browser extensions to steal data. It is now targeting Macs, which have a user base of 100 million, using phishing websites and fake GitHub repositories.


Person working on an Apple laptop (Kurt “CyberGuy” Knutsson)

The evolution of information-stealing Mac malware

Cybersecurity company Check Point has discovered a new variant of the information-stealing malware BanShee. Elastic Security Labs first covered this malware in mid-2024, noting that it operates as malware-as-a-service (a business model in which cybercriminals offer access to malicious software and associated infrastructure for a fee). At that time, it was available for about $3,000 per month.

Check Point said the malware has evolved since it was exposed in September. This time, its developers “stole” a string encryption algorithm from Apple’s own XProtect antivirus engine and used it to replace the plain text strings found in the original version. Antivirus programs expect this type of encryption from Apple’s legitimate security tools, so it isn’t flagged as suspicious, and BanShee can silently steal data from targeted devices without being detected.

Woman working on an Apple desktop and an Apple laptop (Kurt “CyberGuy” Knutsson)


How Mac malware works

BanShee Stealer is a prime example of how sophisticated malware has become. Once it gets into your system, it immediately starts stealing all kinds of sensitive information. It goes after data from browsers like Chrome, Brave, Edge and Vivaldi, as well as cryptocurrency wallet extensions. It also uses a two-factor authentication (2FA) extension to retrieve credentials. Additionally, it collects details about your device’s software and hardware, as well as your external IP address.

This Mac malware tricks users into entering their macOS password with fake pop-ups that resemble real system prompts. Once BanShee has collected the stolen information, it exfiltrates it to a command-and-control server, using encrypted and encoded files to keep the data protected.

The malware authors used GitHub repositories to spread BanShee. They set up fake repositories that appeared to host popular software, complete with stars and reviews to appear trustworthy. These campaigns didn’t just target macOS users with BanShee. They also hit Windows users with a different piece of malware called Lumma Stealer. Over three waves, attackers used these fake repositories to trick people into downloading malicious files.

Woman working on a laptop (Kurt “CyberGuy” Knutsson)


5 tips to protect yourself from Mac malware

Follow these important tips to protect your Mac from the latest malware threats, including the infamous BanShee Stealer.

1) Use strong antivirus software: The best way to protect yourself from malicious links that can install malware and access your personal information is to install antivirus software on all your devices. This protection also warns you about phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best antivirus protection products of 2025 for Windows, Mac, Android, and iOS devices.

2) Be careful with downloads and links: Download software only from trusted sources, such as the Mac App Store or official websites of trusted developers. Be wary of unsolicited emails or messages that encourage you to download or install updates, especially if they contain links. Phishing attempts are often disguised as legitimate update notifications or urgent messages.

3) Keep your software up to date: Make sure both macOS and all installed applications are up to date. Apple frequently releases security patches and updates that address vulnerabilities. Enabling automatic updates for macOS keeps your apps protected without having to manually check for updates. If you need further help, please see my guide to keeping all your devices up to date.

4) Use strong, unique passwords: To protect your Mac from malware, it’s also important to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites and services. A password manager is very helpful here. It generates and stores complex passwords that are difficult for hackers to crack.

It also keeps track of all your passwords in one place and automatically fills them in when you log into your account, so you don’t have to remember them yourself. By reducing the number of passwords you need to remember, you are less likely to reuse them, reducing the risk of a security breach. Learn more about my picks for the best expert-reviewed password managers of 2025.

5) Use two-factor authentication (2FA): Enable 2FA for important accounts like your Apple ID, email and financial services. This adds an extra step to the login process, making it difficult for an attacker to gain access even if they know the password.


Kurt’s key takeaways

No device is immune to cyberattacks when human operators are involved. For example, consider BanShee Stealer. The virus was able to target Macs not because Apple’s cybersecurity measures were weak, but because it successfully tricked users into installing it and giving it the necessary permissions. Most breaches, hacks, and other cyberattacks are caused by human error. This highlights the importance of maintaining basic cybersecurity hygiene. It’s important to know what you’re downloading, make sure it comes from a trusted source, and carefully review the permissions you grant to online services and applications.

When you download new software, how do you know if it’s safe to install? Do you rely on app store ratings, reviews, etc.? Write to us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter at Cyberguy.com/Newsletter.


Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.
