Skip to main content
  1. Home
  2. Computing
  3. News

This Mac malware can steal your credit card data in seconds

Alex Blake
By

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

A fake password prompt created by the MacStealer macOS malware.
A fake password prompt created by the MacStealer macOS malware. Uptycs

MacStealer begins its attacks using an installer file called weed.dmg. Opening this launches a fake password prompt that harvests your login credentials and uses them to access your sensitive information, which is then zipped up and sent to a server controlled by the hacker. Once that’s done, the stolen data is broadcasted to interested parties on a dedicated Telegram channel.

Recommended Videos

Fortunately, even though MacStealer can extract your Mac’s iCloud Keychain database, it isn’t able to extract the passwords stored within. That’s because iCloud Keychain encrypts any data it stores. As the attackers note, without a user’s master password, getting at those passwords is “almost impossible.”

Related

How to protect yourself

Apple's Craig Federighi speaking about macOS security at WWDC 2022.
Apple

Right now, the malware’s developers are selling it for $100 per build, making it relatively affordable in the world of malware as a service. According to the developer, the low price is due to the malware lacking a user panel and any builder functionality, as well as its current beta status.

Unfortunately, it seems like the threat actor developing MacStealer has some more ideas that they are planning to incorporate into future versions. That includes a cryptocurrency wallet drainer, a user control panel, the ability for customers to generate new builds themselves, and more.

If you want to protect yourself from MacStealer (and other Mac malware), you should keep your Mac up to date with the latest patches from Apple and only allow the installation of apps from trusted sources (such as the official App Store). Installing an antivirus app would also be a good idea, as would using one of the best password managers to keep your sensitive data locked up and encrypted.

Editors' Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Apple quietly backtracks on the MacBook Air’s biggest issue
The MacBook Air on a white table.

The new MacBook Air with M3 chip not only allows you to use it with two external displays, but it has also reportedly addressed a storage problem that plagued the previous M2 model. The laptop now finally has much faster storage performance since Apple has switched back to using two 128GB NAND modules instead of a single 256GB module on the SSD drive.

This was discovered by the YouTuber Max Tech, who tore down the entry-level model of the MacBook Air M3 with 8GB of RAM and 256GB of storage. In his tests, thanks to the two NAND modules, the M3 MacBook Air is nearly double faster than the M2 MacBook Air. Blackmagic Disk Speed tests show that the older M2 model with the problematic NAND chip had a 1584.3 Mb/s write speed, and the newer M3 model had 2108.9 Mb/s for the M3 model, for a 33% difference. In read speeds, it was 1576.4 Mb/s on the old model and 2880.2 Mb/s on the newer model.

Read more
The 6 best ways Macs work with your other Apple devices
A person holds an iPhone in front of a MacBook.

One of the best things about using more than one Apple device is the way they interact with each other. Apple has built all kinds of clever features into its famous ecosystem, and it means your devices all work together in a way that you just don’t get from any other manufacturer.

AirDrop might be the ultimate expression of this, though that's fairly well-known. Here, we’ve picked out six other great ways your Mac works with other Apple products. Most require you to have Bluetooth and Wi-Fi enabled, as well as for you to be using the same Apple ID on all your devices. Check the System Settings app on your devices to make sure the specific features are enabled, although most should be by default.

Read more
I never knew I needed this mini Mac app, but now I can’t live without it
Apple MacBook Pro 16 downward view showing keyboard and speaker.

Switching apps is something I do countless times every day on my Mac, so much so that I don’t ever think anything of it. That is until recently, when I discovered a new app that has me flipping windows in a new (and much-improved) way.

That app is called Quick Tab, and it’s designed to make app switching a little more painless. Now, I’ll admit that I’ve never thought of the traditional Command-Tab key combination as all that painful, but Quick Tab has swiftly shown me what I’ve been missing.

Read more