MetaStealer: A New Information Stealer Targeting macOS Businesses

By Gabriel Botha

September 12, 2023
MetaStealer, a new information-stealing malware, has emerged as a threat to Apple macOS systems. This adds to the growing list of stealer families, including Stealer, Pureland, Atomic Stealer, and Realst, that have focused on the macOS operating system. In this latest attack, threat actors are posing as clients to socially engineer victims into launching malicious payloads.

MetaStealer is distributed in the form of rogue application bundles in the disk image format (DMG). The attackers approach their targets by sharing a password-protected ZIP archive containing the DMG file. Previous instances have seen the malware disguised as Adobe files or installers for Adobe Photoshop. Evidence suggests that MetaStealer artifacts have been present in the wild since March 2023, with the most recent sample uploaded to VirusTotal on August 27, 2023.
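A defender-side triage check for the delivery pattern described above (a password-protected ZIP carrying a DMG), added here as an example and not taken from the SentinelOne analysis. ZIP entry names and the per-entry encryption flag can be read without the password, so a mail or download gateway can flag such archives before a user opens them; the function names, extension list and sample archives are constructed assumptions.

```python
import io
import zipfile

ENCRYPTED_FLAG = 0x1          # ZIP general-purpose bit 0: entry is encrypted
DISK_IMAGE_EXT = (".dmg",)    # assumption: the extension this page describes


def triage_zip(data: bytes) -> list:
    """Return names of encrypted entries that look like macOS disk images.

    Only the central directory is read, so no password is needed.
    """
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            encrypted = bool(info.flag_bits & ENCRYPTED_FLAG)
            if encrypted and info.filename.lower().endswith(DISK_IMAGE_EXT):
                hits.append(info.filename)
    return hits


def constructed_sample(name: str, encrypted: bool) -> bytes:
    """Build a tiny constructed archive; optionally mark its entry encrypted.

    The stdlib cannot write encrypted ZIPs, so the flag bit is patched into
    the local header (offset 6) and central directory header (offset 8).
    The payload is placeholder text, not a real disk image.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, b"constructed placeholder payload")
    raw = bytearray(buf.getvalue())
    if encrypted:
        for signature, flag_offset in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            raw[raw.find(signature) + flag_offset] |= ENCRYPTED_FLAG
    return bytes(raw)


if __name__ == "__main__":
    for name, enc in (("Brief.dmg", True), ("Brief.dmg", False), ("notes.txt", True)):
        print(name, enc, triage_zip(constructed_sample(name, enc)))
```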

What sets MetaStealer apart is its focus on targeting business users. Typically, macOS malware is distributed through torrent sites or suspicious third-party software distributors, offering cracked versions of popular software. However, MetaStealer specifically targets business users, aiming to harvest data from iCloud Keychain, saved passwords, and files on compromised hosts. Some versions of the malware have also been observed targeting services like Telegram and Meta.

The emergence of MetaStealer underscores a growing trend among threat actors of targeting Mac users for their data. Its objective of exfiltrating valuable keychain and other information from business users highlights the potential for further cybercriminal activity or for gaining access to larger business networks. It is unclear whether MetaStealer is the work of the same authors behind other stealer families or the result of separate groups of threat actors.


Source:
– SentinelOne: Analysis by Phil Stokes
