The well-known Banshee stealer has resurfaced with a sophisticated malware variant that targets macOS systems. Researchers recently discovered this malware running active malicious campaigns, exploiting Apple’s XProtect security feature to evade detection.
New Banshee macOS Malware Variant Targets More Macs
Researchers from Check Point Research have found a new malware campaign targeting Mac devices. The campaign involves distributing a new variant of the notorious Banshee malware, known for attacking macOS systems.
Banshee malware appeared in 2024 as a “stealer-as-a-service,” offering attack services against Apple Mac systems. However, it could not do much damage after its source code leaked online, leading to the malware’s shutdown.
Nonetheless, the online code dump enabled other threat actors to spin off the malware and create new threats.
The new malware campaign has been covertly running since September 2024. The latest Banshee variant shows advanced capabilities to avoid detection. For this, it adopts the string encryption used by Apple’s XProtect security feature.
This capability allows the malware to escape detection, appearing as a legitimate operation to Mac security while it continues to steal data. The targeted information includes data stored in web browsers, such as passwords, cryptocurrency wallets and wallet extensions, IP addresses, system hardware details, and macOS passwords.
In addition, it retains all the malicious capabilities of the original Banshee stealer, ensuring that it garners trust from the threat actors’ community.
Unlike its predecessor, the new Banshee variant seems to reach a wider user base by including Russian systems on its target list.
The threat actors behind this campaign distribute the malware via deceptive GitHub repositories that mimic various legitimate software. According to Check Point Research, the attackers also target Windows systems through the same repositories, delivering Lumma stealer.
The researchers have shared the details of the malware campaign in their post.
As always, users may easily avoid this and similar threats by implementing safe online practices, such as downloading software from official sources, avoiding interactions with unsolicited emails and messages, and keeping their systems updated with the latest security fixes.