This Mac malware can steal your credit card data in seconds

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a new piece of Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

A fake password prompt created by the MacStealer macOS malware. Uptycs

MacStealer begins its attacks using an installer file called weed.dmg. Opening this launches a fake password prompt that harvests your login credentials and uses them to access your sensitive information, which is then zipped up and sent to a server controlled by the hacker. Once that’s done, the stolen data is broadcast to interested parties on a dedicated Telegram channel.
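For defenders, the chain described above (an app run from a mounted disk image that zips up data and then connects out) can be hunted for as a sequence in endpoint telemetry. The sketch below is an added example, not code from Uptycs or from the malware; the event schema, the paths inside the disk image, the addresses, and the 120-second window are all constructed assumptions, and the fake password prompt itself is not modelled.

```python
from collections import defaultdict

WINDOW_SECONDS = 120  # assumed correlation window; tune to your telemetry

# Constructed sample events in a hypothetical, simplified endpoint-telemetry schema.
SAMPLE_EVENTS = [
    {"ts": 10, "pid": 410, "action": "exec", "target": "/Volumes/weed/weed.app/Contents/MacOS/weed"},
    {"ts": 12, "pid": 388, "action": "exec", "target": "/Applications/Notes.app/Contents/MacOS/Notes"},
    {"ts": 31, "pid": 410, "action": "file_write", "target": "/tmp/out/data.zip"},
    {"ts": 33, "pid": 388, "action": "net_connect", "target": "203.0.113.7:443"},
    {"ts": 40, "pid": 410, "action": "net_connect", "target": "198.51.100.20:80"},
    {"ts": 50, "pid": 512, "action": "exec", "target": "/Volumes/Installer/Setup.app/Contents/MacOS/Setup"},
    {"ts": 55, "pid": 512, "action": "net_connect", "target": "192.0.2.9:443"},
]


def find_stage_and_upload(events, window=WINDOW_SECONDS):
    """Flag processes launched from a mounted disk image that write a .zip
    archive and then open a network connection within `window` seconds."""
    by_pid = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_pid[ev["pid"]].append(ev)

    findings = []
    for pid, evs in by_pid.items():
        exe = next((e["target"] for e in evs if e["action"] == "exec"), "")
        if not exe.startswith("/Volumes/"):  # disk images mount under /Volumes
            continue
        archives = [e for e in evs if e["action"] == "file_write"
                    and e["target"].lower().endswith(".zip")]
        connects = [e for e in evs if e["action"] == "net_connect"]
        for arc in archives:
            # Only connections made after the archive was written count.
            hit = next((c for c in connects
                        if 0 <= c["ts"] - arc["ts"] <= window), None)
            if hit:
                findings.append({"pid": pid, "exe": exe,
                                 "archive": arc["target"], "dest": hit["target"]})
    return findings


if __name__ == "__main__":
    for finding in find_stage_and_upload(SAMPLE_EVENTS):
        print(finding)
```

In the sample data, only the process started from the mounted image that both writes an archive and connects out is flagged; the installer that merely phones home and the locally installed app are not.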

Fortunately, even though MacStealer can extract your Mac’s iCloud Keychain database, it isn’t able to extract the passwords stored within. That’s because iCloud Keychain encrypts any data it stores. As the attackers note, without a user’s master password, getting at those passwords is “almost impossible.”

How to protect yourself

Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Right now, the malware’s developers are selling it for $100 per build, making it relatively affordable in the world of malware as a service. According to the developer, the low price is due to the malware lacking a user panel and any builder functionality, as well as its current beta status.

Unfortunately, it seems like the threat actor developing MacStealer has some more ideas that they are planning to incorporate into future versions. That includes a cryptocurrency wallet drainer, a user control panel, the ability for customers to generate new builds themselves, and more.

If you want to protect yourself from MacStealer (and other Mac malware), you should keep your Mac up to date with the latest patches from Apple and only allow the installation of apps from trusted sources (such as the official App Store). Installing an antivirus app would also be a good idea, as would using one of the best password managers to keep your sensitive data locked up and encrypted.

Alex Blake