On to new malware. This time we have an interesting MaaS infostealer for macOS (https://www.bleepingcomputer.com/news/security/new-macstealer-macos-malware-steals-passwords-from-icloud-keychain/), a rarity on a market that mostly targets Windows. MacStealer steals access data from iCloud Keychain, browsers, wallets and a bunch of files selected by extension. The victim receives a DMG file with the malware and, if they launch it and enter their password in a fake window, it runs a command to pull data from the device. Its functionality is shown in the diagram.
The malware is designed for macOS versions from Catalina through Ventura, the latest. At the same time, it is still in active development: the beta version comes without a builder or a panel and costs a hundred bucks per attacker. So it is reasonable to expect that MacStealer will be developed into something more. And with cybercriminals chasing crypto wallets, demand for infostealers that target them on macOS will only grow. Read more about MacStealer, with IOCs, servers and more, in the report (https://www.uptycs.com/blog/macstealer-command-and-control-c2-malware).