City Life

Unveiling New Technologies and the Power of Artificial Intelligence

MetaStealer: A New Information Stealer Targeting macOS Businesses

By Gabriel Botha

Sep 12, 2023
MetaStealer, a new information-stealing malware, has emerged as a threat to Apple macOS systems. This adds to the growing list of stealer families, including Stealer, Pureland, Atomic Stealer, and Realst, that have focused on the macOS operating system. In this latest attack, threat actors are posing as fake clients to socially engineer victims into launching malicious payloads.

MetaStealer is distributed in the form of rogue application bundles in the disk image format (DMG). The attackers approach their targets by sharing a password-protected ZIP archive containing the DMG file. Previous instances have seen the malware disguised as Adobe files or installers for Adobe Photoshop. Evidence suggests that MetaStealer artifacts have been present in the wild since March 2023, with the most recent sample uploaded to VirusTotal on August 27, 2023.
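
The delivery shape described above, a password-protected ZIP carrying a DMG, can be flagged at a mail or download gateway without knowing the password. The following is an added example, not part of the original article; the function names, the hint list and the sample file names are assumptions constructed for illustration.

```python
import io
import zipfile

ENCRYPTED = 0x1                      # general-purpose flag bit 0: entry is encrypted
LURE_HINTS = ("adobe", "photoshop")  # lure themes named in the article


def triage_zip(data: bytes) -> dict:
    """Inspect a ZIP attachment without its password.

    Standard ZIP encryption protects file contents only; the central
    directory still lists names and per-entry flags, so a gateway can see
    an encrypted .dmg even though it cannot open it.
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            entries = zf.infolist()
    except zipfile.BadZipFile:
        return {"error": "not a readable ZIP", "suspicious": False}
    dmgs = [e for e in entries if e.filename.lower().endswith(".dmg")]
    enc = [e.filename for e in dmgs if e.flag_bits & ENCRYPTED]
    lure = [e.filename for e in dmgs
            if any(h in e.filename.lower() for h in LURE_HINTS)]
    return {
        "dmg_entries": [e.filename for e in dmgs],
        "encrypted_dmg": enc,
        "lure_named_dmg": lure,
        # Encrypted archive plus disk image is the delivery shape described above.
        "suspicious": bool(enc),
    }


def build_sample(name: str, encrypted: bool) -> bytes:
    """Constructed test input: a tiny ZIP whose entry is only *marked*
    encrypted by patching the central-directory flag (no real payload)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, b"placeholder, not a real disk image")
    raw = bytearray(buf.getvalue())
    if encrypted:
        cd = raw.find(b"PK\x01\x02")   # central directory file header
        raw[cd + 8] |= ENCRYPTED       # low byte of the flags field
    return bytes(raw)


if __name__ == "__main__":
    print(triage_zip(build_sample("Brief/Adobe Photoshop.dmg", True)))
    print(triage_zip(build_sample("notes.txt", False)))
```

A hit on `suspicious` is a reason to quarantine and ask the sender for context, not proof of malware; legitimate senders also ship encrypted disk images.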

What sets MetaStealer apart is its focus on targeting business users. Typically, macOS malware is distributed through torrent sites or suspicious third-party software distributors, offering cracked versions of popular software. However, MetaStealer specifically targets business users, aiming to harvest data from iCloud Keychain, saved passwords, and files on compromised hosts. Some versions of the malware have also been observed targeting services like Telegram and Meta.

The emergence of MetaStealer underscores the growing trend of threat actors targeting Mac users for their data. Its objective of exfiltrating keychain and other valuable information from business users highlights the potential for further cybercriminal activity or for attackers to gain access to larger business networks. It is unclear whether MetaStealer is the work of the same authors behind other stealer families or the result of separate groups of threat actors.

