Skip to main content
  1. Home
  2. Computing
  3. News

This dangerous new Mac malware steals your credit card info

Alex Blake
By

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.
Sora Shimazaki / Pexels

SentinelOne notes that the authors of MetaStealer appear to be targeting business owners who are running Apple’s macOS operating system, posing as potential clients in order to earn their trust and deceive them into installing the malware. That suggests a high level of determination and coordination on the part of MetaStealer’s creators.

Recommended Videos

For instance, SentinelOne cited one business owner who was tricked by someone masquerading as an interested client. “The man I’d been negotiating with on the job this past week sent me a password protected zip file containing this DMG file, which I thought was a bit odd,” they noted.

Related

“Against my better judgment I mounted the image to my computer to see its contents,” they continued. “It contained an app that was disguised as a PDF, which I did not open and is when I realized he was a scammer.”

SentinelOne states that MetaStealer often disguises itself as a PDF file, despite actually being a DMG installer. Its file names have included “AnimatedPoster.dmg,” “AdobeOfficialBriefDescription.dmg,” and “Advertising terms of reference (MacOS presentation).dmg,” all in an attempt to appear legitimate.

Stealing your passwords

A physical lock placed on a keyboard to represent a locked keyboard.
piranka / Getty Images

Once MetaStealer is running on a Mac, it tries to gather as much information as it possibly can. SentinelOne’s analysis identified code snippets for “exfiltrating the keychain, extracting saved passwords, and grabbing files.” A Mac’s keychain contains saved logins, credit card info, encryption keys, and other extremely sensitive data, so losing its contents could be catastrophic. Some samples also appear to target Telegram and Meta apps, giving MetaStealer its name.

MetaStealer is built using Intel x86_64 binaries, which means it is designed to run on Intel-based Macs. Apple started phasing these out in 2020 and replacing them with its own Apple silicon Macs. However, it bundled a translation app called Rosetta into macOS that lets users automatically run Intel apps on Apple silicon Macs. That means having a newer Apple-designed chip doesn’t necessarily protect your Mac from MetaStealer.

SentinelOne says 2023 has seen an “explosion of infostealers targeting the macOS platform,” and MetaStealer is just the latest in a long line of new malware strains aimed squarely at Apple’s customers. That means it’s more important than ever to keep your Mac secure, avoid downloading and running suspicious apps, and use an antivirus app to keep out digital nasties.

Editors' Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more
This Mac malware can steal your credit card data in seconds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

Read more
MacGPT: how to use ChatGPT on your Mac
The MacGPT app for macOS Monterey and Ventura.

Apple might not officially be in the AI space, but a developer has created a legitimate way to bring ChatGPT to macOS and make the chatbot accessible from your menu bar.

The aptly named MacGPT is an application developed by Jordi Bruin that allows you to install ChatGPT as a remote browser on your Mac desktop. The application has been available since the 2022 holiday season and has garnered over 370 ratings, many of which are five stars. MacGPT is currently free, however, Bruin accepts donations. Once out of beta, he will make MacGPT available at the App Store, where it will sell for $5.

Read more