Skip to main content
  1. Home
  2. Computing
  3. News

This dangerous new Mac malware steals your credit card info

Add as a preferred source on Google

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.
Sora Shimazaki / Pexels

SentinelOne notes that the authors of MetaStealer appear to be targeting business owners who are running Apple’s macOS operating system, posing as potential clients in order to earn their trust and deceive them into installing the malware. That suggests a high level of determination and coordination on the part of MetaStealer’s creators.

Recommended Videos

For instance, SentinelOne cited one business owner who was tricked by someone masquerading as an interested client. “The man I’d been negotiating with on the job this past week sent me a password protected zip file containing this DMG file, which I thought was a bit odd,” they noted.

“Against my better judgment I mounted the image to my computer to see its contents,” they continued. “It contained an app that was disguised as a PDF, which I did not open and is when I realized he was a scammer.”

SentinelOne states that MetaStealer often disguises itself as a PDF file, despite actually being a DMG installer. Its file names have included “AnimatedPoster.dmg,” “AdobeOfficialBriefDescription.dmg,” and “Advertising terms of reference (MacOS presentation).dmg,” all in an attempt to appear legitimate.

Stealing your passwords

A physical lock placed on a keyboard to represent a locked keyboard.
piranka / Getty Images

Once MetaStealer is running on a Mac, it tries to gather as much information as it possibly can. SentinelOne’s analysis identified code snippets for “exfiltrating the keychain, extracting saved passwords, and grabbing files.” A Mac’s keychain contains saved logins, credit card info, encryption keys, and other extremely sensitive data, so losing its contents could be catastrophic. Some samples also appear to target Telegram and Meta apps, giving MetaStealer its name.

MetaStealer is built using Intel x86_64 binaries, which means it is designed to run on Intel-based Macs. Apple started phasing these out in 2020 and replacing them with its own Apple silicon Macs. However, it bundled a translation app called Rosetta into macOS that lets users automatically run Intel apps on Apple silicon Macs. That means having a newer Apple-designed chip doesn’t necessarily protect your Mac from MetaStealer.

SentinelOne says 2023 has seen an “explosion of infostealers targeting the macOS platform,” and MetaStealer is just the latest in a long line of new malware strains aimed squarely at Apple’s customers. That means it’s more important than ever to keep your Mac secure, avoid downloading and running suspicious apps, and use an antivirus app to keep out digital nasties.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
How to install macOS 27 Golden Gate public beta on your Mac?
From a smarter Siri to a more reliable Spotlight, here's your full walkthrough for installing macOS 27 Golden Gate's public beta today.
macOS 27 Golden Gate

Along with iOS 27’s public beta, Apple has also released macOS 27 Golden Gate’s public beta build, so that early adopters can get their hands on the new features, including Siri AI, and provide timely feedback to help ensure a stable iOS launch in September. 

If you’re sold on all the new features but don’t want to put your faithful MacBook through developer beta duty, a public beta offers a much more refined experience. To install macOS 27’s public beta, follow the steps given below. 

Read more
Microsoft is finally fixing the worst thing about Windows Search, but you can’t try it just yet
Windows Insiders in the Experimental channel are getting a Search experience that finally feels less of a billboard and more of what users actually need.
Page, Text, Person

Windows Search has been a mess for years, and I do not use that word lightly. Open it to find a file, and you get trending Bing topics, Microsoft Store promotions, and an AI tools tile that just opens a browser. 

That is changing, but not immediately for all users. Microsoft is rolling out a batch of Windows Search improvements to Insiders in the Experimental channel, and for once, this isn't just a fresh coat of paint.

Read more
Apple doesn’t want to share this AirPods feature with Meta, but the EU may force its hand
Spring 2027, EU only, built under DMA pressure.
The front of the Ray-Ban Meta smartglasses.

I’ve been an AirPods user for the last four years, and one of the things that makes it genuinely hard to leave behind is the seamless, almost magical pairing experience across devices. Open an AirPods case near your iPhone, and a pop-up appears within seconds. Switch to your Mac and the audio follows. 

However, the experience is limited only to Apple devices. Doesn’t matter whether you have one of the coolest pieces of tech on the market right now; if it’s not Apple, it won’t get the same treatment. However, that might change for the Meta Quest or the Ray-Ban Meta glasses, thanks to pressure from the EU. 

Read more