Swiftly Notarized Nuisance: MacSync Malware Makes a Comeback on macOS Systems
The latest MacSync information stealer variant is targeting macOS systems with a cunning twist: it’s disguised as a digitally signed and notarized Swift app. Just when you thought “drag-to-Terminal” was passé, this sneaky malware bypasses macOS Gatekeeper checks and swipes data while pretending to be a legitimate app. Even malware is getting fancier these days!

Hot Take:
Well, it looks like the MacSync information stealer is finally growing up and getting a job. It figured out that hanging around in the shady alleys of drag-to-Terminal operations just wasn’t cutting it anymore, so it put on a suit, got itself notarized, and is now slipping through macOS security checks with a fancy Swift application. If only it realized that a life of digital crime doesn’t have a 401(k) plan.

Key Points:
– The MacSync information stealer is now delivered via a digitally signed and notarized Swift application.
– The malware’s new delivery method bypasses macOS Gatekeeper security checks.
– Researchers identified evasion tactics like embedding decoy PDFs and wiping execution scripts.
– The MacSync stealer can pilfer iCloud keychain credentials, browser passwords, and more.
– Apple has revoked the certificate after being alerted by security researchers.
