Apple users are being warned about a new variant of the macOS Banshee Stealer malware that can steal browser credentials, cryptocurrency wallets, and other sensitive data. Security researchers from Check Point have identified this evolved threat, which poses significant risks for approximately 100 million users. The malware was initially detected late last year and has shown an alarming capacity to evade detection.
The creators of the malware have allegedly stolen an encryption algorithm from Apple’s own XProtect antivirus engine, making it harder to detect. Eric Schwake, director of cybersecurity strategy at Salt Security, noted that the return of Banshee Stealer malware underscores the necessity for strong security measures across all devices. He stressed that organizations must adopt a proactive approach to lessen the risk from evolving threats like Banshee Stealer and safeguard their essential data and resources.
James Scobey, Chief Information Security Officer at Keeper Security, reiterated that macOS systems, traditionally viewed as more secure than their PC counterparts, are now attractive targets for cybercriminals.
Banshee Stealer’s dangerous advancements
Sophisticated malware such as Banshee Stealer can bypass traditional defenses by using encryption methods inspired by native security tools and by capitalizing on stolen credentials and user errors.
Antonis Terefos from Check Point pointed out that a relatively small code update in string encryption allowed the new Banshee variant to evade antivirus detection for months. This development highlights a growing trend of threat actors targeting macOS users with increasingly capable malware. Experts agree that while Apple includes robust security protections in macOS, such as Gatekeeper, XProtect, and sandboxing, no operating system is immune to threats.
Ngoc Bui, a cybersecurity expert at Menlo Security, emphasized the importance of a multi-layered security approach and better-trained threat hunters in Mac environments. The Check Point report warns that Banshee Stealer operates seamlessly and undetected, blending in with normal system processes while stealing credentials, passwords, and sensitive data. As Banshee Stealer continues to demonstrate the evolving nature of threats targeting macOS systems, users are urged to reassess their security assumptions and take proactive measures to safeguard their data.
Noah Nguyen is a multi-talented developer who brings a unique perspective to his craft. Initially a creative writing professor, he turned to Dev work for the ability to work remotely. He now lives in Seattle, spending time hiking and drinking craft beer with his fiancee.























