Skip to main content

This new threat proves that Macs aren’t immune from malware

A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.
Sora Shimazaki / Pexels

Despite constant warnings, many Mac users have come to believe their computers are safe from malware attacks. A new threat targeting Mac users called Banshee Stealer, however, refutes that notion. As reported on by security firm Elastic Labs, Banshee Stealer targets popular browsers and crypto wallets and even attempts to steal data from iCloud Keychain passwords and Notes.

“Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser extensions, making it a highly versatile and dangerous threat,” Elastic Security Labs said in a report on Thursday.

Recommended Videos

The new malware collects browser history, cookies, logins, and more, all from some of the most popular browsers and crypto wallets, including Microsoft Edge, Google Chrome, Mozilla Firefox, Electrum, Coinomi, Wasabi Wallet, and more.

Banshee Stealer incorporates measures to make it difficult for security researchers to find flaws in it or understand how it works. An interesting detail is that it uses the CFLocaleCopyPreferredLanguages API to detect the computer’s primary language. If the user sets the language to Russian, it avoids infecting the system.

However, the malware can also show users a fake password prompt to try to trick the user into entering their password to gain privilege escalation. After launching an app, the user will see a prompt and a message telling them to update system settings and to enter their password.

It can also grab info from files matching a number of different file formats, including .txt, .docx, .wallet, and more.

Broadcom-owned Symantec explained how it works in more detail: “It begins by running a Swift-based dropper that displays a fake password prompt to deceive users. After capturing credentials, the malware verifies them using the OpenDirectory API and subsequently downloads and executes malicious scripts from a command-and-control server.”

Like other malware, the Banshee Stealer is being sold, but the unusual thing is its hefty $3,000 a month price. Elastic Labs notes that this is quite a high price, especially compared to similar Windows malware.

This malware threat isn’t the first and won’t be the last. However, Mac users can take precautions to stay safe, such as being cautious about where they download files and always keeping their Mac updated since it contains critical security patches. And hey, some antivirus software isn’t a terrible idea either.

Judy Sanhz
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
The new M4 MacBook Pro comes with these 7 major changes
MacBook Pro with M4

Apple has officially announced the M4 MacBook Pro in both 14-inch and 16-inch screen sizes. In addition to the base M4 model, they also come in M4 Pro and M4 Max configurations in both sizes.

But let's be real: the M3 MacBook Pro was already a fantastic laptop. Is it really worth upgrading to the new model? I won't know for sure until I've tested them myself, but here are the six major changes you need to know about when it comes to the next generation of MacBook Pros.

Read more
These M4 MacBook Pro leaks are getting insane, and I don’t know what to believe anymore
An open MacBook Pro on a table.

Apple has yet to announce an October Mac event, but leaks for the M4 MacBook Pro continue to circulate. A new tweet from Apple leaker ShrimpApplePro and a new Russian unboxing video have been spotted by Tom's Hardware, giving this possibly true and definitely unprecedented Apple leak more steam. The tweet claims a seller on a private Facebook group has 200 units of the M4 MacBook Pro for sale, adding: "This is probably the biggest warehouse leakage I've ever seen."

https://x.com/VNchocoTaco/status/1843133165302591861?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1843133165302591861%7Ctwgr%5E3d007d4bc86ddf38301ce5446103d04c8e8215f5%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.tomshardware.com%2Flaptops%2Fapple-macbook-pro-m4-leakage-gets-serious-with-200-units-reportedly-up-for-sale-on-social-media

Read more
The M4 MacBook Pro is apparently listed for sale on Facebook — but I don’t buy it
An open MacBook Pro on a table.

According to analysts and industry experts like Mark Gurman and Ming-Chi Kuo, Apple is expected to announce an M4 refresh of the MacBook Pro possibly this month and most likely before the end of the year. No event announcements have come yet, though Apple has historically held an October Mac event. But now, an online leak discovered by Wccftech claims the new model is up for sale on a private Facebook group. The claim is backed up by alleged images of the retail box, but there's plenty to be suspicious about.

While the images were posted by known leaker ShrimpApplePro, the information was sent to them from an unknown source. There are two posts so far, one with an image of the back of the retail box -- with comments from AppleShrimpPro saying to take it with asome skepticism -- and one showing additional images and claiming it's for sale on Facebook.

Read more