Robuta

https://www.sentinelone.com/labs/6-pro-tricks-for-rapid-macos-malware-triage-with-radare2/ 6 Pro Tricks for Rapid macOS Malware Triage with Radare2 - SentinelLabs Sep 22, 2021 - Learn more about reversing real-world macOS malware in this new series for intermediate to advanced analysts, starting with these r2 tips! 6 promacos malwaretricksrapid https://appleinsider.com/articles/25/02/04/new-macos-malware-disguises-itself-as-chrome-zoom-installers New macOS malware disguises itself as popular installers North Korean hackers are using fake job offers and disguised app updates to sneak malware onto Macs, and while Apple's latest XProtect update blocks some... macos malwarenewdisguisespopularinstallers https://www.sentinelone.com/blog/automated-macos-malware-submissions-infecting-virustotal/ Automated macOS malware submissions "infecting" VirusTotal Mar 22, 2019 - Fake submissions on VirusTotal appear to inflate hits for certain kinds of macOS malware macos malwareautomatedsubmissionsinfectingvirustotal https://www.inverse.com/input/tech/macos-malware-was-quietly-taking-screenshots-of-users-screens macOS malware was quietly taking screenshots of users' screens May 25, 2021 - Why, we don't know. But Apple says it has patched the flaw that allowed for the privacy breach. macos malwaretaking screenshotsquietlyusers https://thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html?version=meter+at+null New macOS Malware TodoSwift Linked to North Korean Hacking Groups New macOS malware TodoSwift, linked to North Korean hacking groups, targets crypto-industry with advanced tactics. macos malwarenorth koreannewlinkedhacking https://thehackernews.com/2024/01/activator-alert-macos-malware-hides-in.html?ref=blog.netmanageit.com "Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets Malicious "Activator" booby-traps DMG files on macOS, tricking users into granting admin access. It then steals crypto wallet data and system info. macos malwareactivatoralerthides https://thehackernews.com/2017/02/xagent-malware-apt28.html New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups macos malwarerussian hackers https://www.techradar.com/pro/security/microsoft-spies-a-new-and-worrying-macos-malware-strain Microsoft spies a new and worrying macOS malware strain | TechRadar Feb 18, 2025 - XCSSET infostealer was updated after more than two years a newmacos malwaremicrosoftspiesworrying https://appleinsider.com/articles/26/03/20/ghostclaw-turns-github-habits-into-a-macos-malware-pipeline GhostClaw turns GitHub habits into a macOS malware pipeline GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine install habits make running malware... macos malwareturnsgithubhabitspipeline https://www.sentinelone.com/blog/how-a-new-macos-malware-dropper-delivers-vindinstaller-adware/ How a New macOS Malware Dropper Delivers VindInstaller Adware Mar 28, 2024 - A recently-discovered macOS malware dropper uses a new trick to deliver known malware, bypassing signature-based AV detections along the way. a newmacos malwaredropperdeliversadware https://www.sentinelone.com/labs/resourceful-macos-malware-hides-in-named-fork/ Resourceful macOS Malware Hides in Named Fork - SentinelLabs Sep 2, 2021 - Threat actors targeting macOS are deploying a new trick to hide payloads and avoid detection thanks to an old technology: the named resource fork. macos malwareresourcefulhidesnamedfork https://www.jamf.com/blog/flexibleferret-malware-continues-to-adapt/ FlexibleFerret: macOS Malware Deploys in Fake Job Scams Jamf Threat Labs analyzes the FlexibleFerret macOS malware, a threat that uses fake recruitment lures and social engineering to infect systems and steal... macos malwarefake jobdeploysscams https://thehackernews.com/2024/08/new-macos-malware-cthulhu-stealer.html?ref=secretciso.org New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data Discover Cthulhu Stealer, a new macOS malware targeting user data. Learn about its capabilities, distribution, and Apple's response to emerging threat macos malwareapple usersnewcthulhustealer https://www.mcafee.com/blogs/consumer/cyberthreat-news/apple-users-this-macos-malware-could-be-spying-on-you/ Apple Users: This macOS Malware Could Be Spying on You | McAfee Blog Jun 4, 2024 - In 2018, Macs accounted for 10% of all active personal computers. Since then, popularity has skyrocketed. In the first quarter of 2021, Macs experienced apple usersmacos malwarecould be https://thehackernews.com/2023/03/new-macstealer-macos-malware-steals.html New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords macos malwareicloud keychainnewstealsdata https://www.infosecurity-magazine.com/news/macos-malware-targets-cracked-apps/ New macOS Malware Targets Cracked Apps - Infosecurity Magazine Jan 22, 2024 - Kaspersky said the malware targeted macOS Ventura 13.6 and newer versions macos malwarenewtargetscrackedapps https://www.sentinelone.com/blog/macos-cryptomining-malware-rise/ Crypto Mining On Mac: How macOS Malware is on the Rise Oct 27, 2022 - Crypto mining is nothing new, but as Ethereum and Bitcoin mining on macOS is increasing, so is crypto mining malware. Here's the current situation on macOS. crypto miningmacos malwarerise https://thehackernews.com/2024/07/north-korea-linked-malware-targets.html North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS Malware campaign targeting software developers expands to multiple platforms, using fake job interviews to deliver data-stealing malware. north koreawindows linuxlinkedmalwaretargets https://www.forcepoint.com/es/blog/x-labs/odyssey-stealer-attacks-macos-users Odyssey Stealer Malware Attacks macOS Users Feb 24, 2026 - The Odyssey Stealer comes in the form of a phishing campaign that targets macOS via a ClickFix technique that delivers malware designed to steal credentials. malware attacksodysseystealermacosusers https://thehackernews.com/2024/11/north-korean-hackers-target-crypto.html North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS North Korean hackers launch Hidden Risk malware targeting macOS devices in crypto firms via fake PDFs. north korean hackerscrypto firms https://www.sentinelone.com/blog/malware-hunting-macos-practical-guide/ Malware Hunting on macOS | A Practical Guide Apr 3, 2024 - Do you want to know if your Mac is infected by malware? What should you look for and where should you look for it? Find out in this practical guide. malwarehuntingmacospracticalguide https://www.sentinelone.com/blog/sneaky-spies-and-backdoor-rats-sysjoker-and-dazzlespy-malware-target-macos/ How SysJoker and DazzleSpy Malware Target macOS Apr 27, 2025 - Learn how SysJoker and DazzleSpy malware target macOS. Explore their tactics, techniques, and methods to detect and mitigate these threats effectively. malwaretargetmacos https://www.darktrace.com/de/blog/from-the-depths-analyzing-the-cthulhu-stealer-malware-for-macos Cthulhu Malware Stealer for macOS Cado Security (now part of Darktrace) analyzed "Cthulhu Stealer," a macOS malware-as-a-service written in Go. cthulhumalwarestealermacos https://www.incibe.es/en/incibe-cert/publications/cybersecurity-highlights/coldroot-keylogger-malware-macos Coldroot, keylogger malware for macOS | INCIBE-CERT | INCIBE Patrick Wardle, chief research officer at Digital Security, has revealed the details of a malicious software that affects macOS operating systems, for macoskeyloggermalwareincibecert https://appleinsider.com/articles/22/03/23/sophisticated-gimmick-malware-found-custom-made-for-macos Sophisticated Gimmick malware found, custom-made for macOS | AppleInsider Security researchers have discovered a new custom macOS malware dubbed Gimmick, which they believe was created by a Chinese espionage group to carry out... custom madefor macossophisticatedgimmickmalware https://www.macrumors.com/2021/04/26/macos-11-3-security-fix/ macOS 11.3 Patches Security Vulnerability That Bypassed Built-In Malware Protections - MacRumors Apple today confirmed to TechCrunch that the just-released macOS 11.3 software update patches a security vulnerability that reportedly could have allowed a... https://www.eset.com/int/about/newsroom/press-releases/research/eset-research-discovers-dazzlespy-macos-malware-spying-on-visitors-of-hong-kong-pro-democracy-news/ ESET Research discovers DazzleSpy: macOS malware spying on visitors of Hong Kong pro-democracy news... Your source for cyber security news, reviews, expert opinions and upcoming events. https://www.jamf.com/blog/macstealer-malware-macos-threat/ Beware of MacStealer, a growing malware threat that affects macOS The malware variant uses Telegram's communications protocol to hide its command and control (C2) processes while it exfiltrates sensitive data. bewaregrowingmalwarethreataffects https://www.techradar.com/pro/security/macos-devices-are-being-hit-by-new-malware-strains-and-theyre-able-to-quickly-evolve-to-avoid-detection MacOS devices are being hit by new malware strains - and they're able to quickly evolve to avoid... Jan 17, 2024 - The tug-of-war between hackers and Apple continues at pace https://www.itnews.com.au/news/new-macos-x-malware-surfaces-172623 New MacOS X malware surfaces - iTnews HellRTS sets up remote access to infected Macs. macos xnewmalwaresurfaces https://www.jamf.com/blog/xloader-macos-malware-as-a-service/ XLoader: New macOS malware XLoader variant offers malware-as-a-service targeting macOS. Learn more. newmacosmalware https://securityaffairs.com/81112/malware/shlayer-mac-malware.html Experts spotted a new strain of Shlayer macOS Malware Feb 14, 2019 - Security experts at Carbon Black have recently discovered a new strain of the Shlayer malware that targets macOS versions from 10.10.5 uto 10.14.3. a newexpertsspottedstrainmacos https://www.itpro.com/malware/31443/dumb-malware-targets-macos-devices-by-getting-cryptocurrency-users-to-infect 'Dumb' malware targets MacOS devices by getting cryptocurrency users to infect themselves | IT Pro Jul 4, 2018 - Attackers lure users on cryptocurrency forums into downloading a massive binary that grants them backdoor access https://www.sentinelone.com/blog/how-to-reverse-malware-on-macos-without-getting-infected-part-3/ How to Reverse Malware on macOS Without Getting Infected | Part 3 Oct 27, 2022 - Join us in the final part of our introduction to macOS malware reverse engineering as we explore LLDB, dynamic binary analysis, reading registers and more. how toreversemalware https://www.indiatoday.in/technology/news/story/new-macos-malware-is-stealing-password-credit-card-info-and-other-sensitive-data-here-is-how-to-stay-safe-2405891-2023-07-13 New macOS malware is stealing password, credit card info and other sensitive data, here is how to... Jul 13, 2023 - The malware named 'ShadowValut' can reportedly be used by the hackers to access logins, banking details, and more personal data of the users. https://www.tomsguide.com/ai/grok/fake-grok-app-built-using-generative-ai-discovered-spreading-malware-on-macos-devices Fake Grok app built using generative AI discovered spreading malware on macOS devices | Tom's Guide Jan 12, 2026 - A newly discovered AI-coded malware can infect Macs using a fake Grok AI app https://thehackernews.com/2018/01/macos-dns-hijacker.html?m=1 Warning: New Undetectable DNS Hijacking Malware Targeting Apple macOS Users A security researcher has discovered a new undetectable DNS hijacking malware targeting Apple macOS users dns hijackingapple macoswarningnewundetectable https://www.sentinelone.com/blog/from-the-front-lines-new-macos-covid-malware-masquerades-as-apple-wears-face-of-apt/ From the Front Lines | New macOS 'covid' Malware Masquerades as Apple, Wears Face of APT Jan 18, 2024 - A fake VPN delivers a Sliver implant with a further malicious payload. APT or Red Team? The IoCs can look the same to defenders. from the front lines https://www.itpro.com/data-insights/data-processing/358726/it-pro-news-in-review-vaccine-passports-macos-malware-palantir IT Pro News in Review: Vaccine passports, macOS malware & Palantir privacy concerns | IT Pro Feb 26, 2021 - Catch up on the top stories of the week in just two minutes news in reviewit provaccine passports https://thehackernews.com/2023/12/new-go-based-jaskago-malware-targeting.html New Go-Based JaskaGO Malware Targeting Windows and macOS Systems A new malware called JaskaGO, based on the Go programming language, has been discovered. newgobasedmalwaretargeting https://thehackernews.com/2025/03/seven-malicious-go-packages-found.html?m=1 Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems Attackers are using typosquatted Go packages to deploy malware on Linux and macOS, targeting financial developers. https://www.sentinelone.com/blog/how-malware-persists-on-macos/ How Malware Persists on macOS Oct 27, 2022 - Malware, exploit kits and threat actors have many ways to persist on Apple's macOS. Find out whether your security solution has all the bases covered. malwarepersistsmacos https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-one/ How to Reverse Malware on macOS Without Getting Infected | Part 1 Oct 27, 2022 - Ever wanted to learn how to reverse malware on Apple macOS? This is the place to start! Join us in this 3-part series on macOS reverse engineering skills. how toreversemalware https://thehackernews.com/2025/07/new-macos-malware-zuru-targeting.html?m=0 New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App New ZuRu malware infects macOS through trojanized Termius app, delivering remote access via Khepri. newzurumalwarevarianttargeting https://thehackernews.com/2019/02/macos-windows-exe-malware.html?version=meter+at+null Beware!! New Windows .exe Malware Found Targeting macOS Computers Hackers are actively spreading mono-compiled Windows .exe malware applications on torrents to hack MacOS computers. new windowsbewareexemalwarefound https://www.macrumors.com/2022/08/31/mac-malware-protection-updates/ Apple Has Made Major Updates to macOS Malware Protection in 2022 - MacRumors Apple has made notable updates to macOS malware tools over the course of the last six months, according to updates tracked by Howard Oakley at Eclectic... major updates https://thehackernews.com/2023/08/this-malware-turned-thousands-of-hacked.html This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers https://securityaffairs.com/167454/malware/cthulhu-stealer-targets-apple-macos.html New malware Cthulhu Stealer targets Apple macOS users Aug 23, 2024 - Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. apple macosnewmalwarecthulhustealer https://www.sentinelone.com/blog/macos-metastealer-new-family-of-obfuscated-go-infostealers-spread-in-targeted-attacks/ Mac Stealer Malware | macOS MetaStealer Spreads in Targeted Attacks Apr 23, 2024 - The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures. macstealermalwarespreadstargeted https://thehackernews.com/2025/02/new-frigidstealer-malware-targets-macos.html?rand=1734 New FrigidStealer Malware Targets macOS Users via Fake Browser Updates FrigidStealer malware exploits fake browser updates to bypass Gatekeeper and steal macOS user data. newmalwaretargetsmacosusers https://www.sentinelone.com/labs/detecting-macos-gmera-malware-through-behavioral-inspection/ Detecting macOS.GMERA Malware Through Behavioral Inspection - SentinelLabs Sep 3, 2021 - New malware hits macOS with well-worn techniques. Can behavioral detection prevent attacks that evade legacy AV and built-in Apple security?. detectingmacosmalwarebehavioralinspection https://www.jamf.com/nl/blog/ontwijkende-cryptojacking-malware-voor-macos-gevonden-in-illegale-toepassingen/ Pas op voor macOS cryptojacking-malware. Je hebt misschien gehoord van de cryptojacking-malware op macOS. Lees meer over een nieuw soort malware dat door Jamf Threat Labs is ontdekt. pasopvoormacoscryptojacking https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html North Korean Hackers Update BeaverTail Malware to Target MacOS Users North Korean hackers update BeaverTail malware to target macOS users through fake MiroTalk app, expanding cyber espionage campaign against job seekers north korean hackersbeavertail malwareupdatetargetmacos https://www.jamf.com/blog/shlayer-malware-abusing-gatekeeper-bypass-on-macos/?ref=applespbevent.ru Shlayer malware abusing Gatekeeper bypass on macOS Shlayer malware bypasses Gatekeeper security protections on macOS to execute unauthorized software without requiring approval. gatekeeper bypassmalwareabusingmacos https://www.forcepoint.com/pt-br/blog/x-labs/odyssey-stealer-attacks-macos-users Odyssey Stealer Malware Attacks macOS Users Feb 24, 2026 - The Odyssey Stealer comes in the form of a phishing campaign that targets macOS via a ClickFix technique that delivers malware designed to steal credentials. malware attacksodysseystealermacosusers https://www.techradar.com/opinion/the-top-5-ways-malware-can-compromise-corporate-macos-systems The top 5 ways malware can compromise corporate macOS systems | TechRadar Apr 6, 2023 - Ways cyber criminals can compromise macOS with malware the top5 waysmalware https://cointelegraph.com/news/lazarus-group-malware-crypto-business-execs-macos Lazarus Group Malware Targets Crypto, Business Execs via macOS Lazarus Group is targeting fintech and crypto executives using macOS through a new malware kit delivered via social engineering schemes using fake Zoom or... lazarus groupcrypto businessmalwaretargetsexecs https://www.sentinelone.com/blog/session-cookies-keychains-ssh-keys-and-more-7-kinds-of-data-malware-steals-from-macos-users/ Session Cookies, Keychains, SSH Keys and More | 7 Kinds of Data Malware Steals from macOS Users Apr 3, 2024 - Stealing data from Mac devices can unlock the door for both financially-motivated cybercrime and espionage. Learn how recent macOS malware does it. https://www.jamf.com/blog/clickfix-macos-script-editor-atomic-stealer/?ref=macadmins.news ClickFix Malware Uses macOS Script Editor to Deliver Atomic Stealer | Jamf Threat Labs Jamf Threat Labs uncovers a ClickFix-style attack that bypasses Terminal by exploiting macOS Script Editor via the applescript:// URL scheme to deliver an... https://www.html.it/magazine/macos-ecco-il-nuovo-malware-noknok/ macOS: ecco il nuovo malware NokNok | HTML.it I ricercatori di sicurezza di Proofpoint hanno scoperto il nuovo malware NokNok per macOS, viene sfruttato dal gruppo Charming Kitten. macoseccoilnuovomalware https://www.avast.com/c-remove-spigot-mac How to Remove Spigot Malware from Mac and macOS Learn what Spigot is and how to remove Spigot adware from browsers, folders, and files on your Mac. Protect yourself from Spigot malware. how to removefrom macspigotmalwaremacos https://www.sentinelone.com/blog/scripting-macs-with-malice-how-shlayer-and-other-malware-installers-infect-macos/ Scripting Macs With Malice | How Shlayer and Other Malware Installers Infect macOS Mar 28, 2024 - Threat actors on macOS increasingly rely on shell scripts as an effective way to deliver malware installers that trick users and bypass security controls. https://thehackernews.com/2025/03/seven-malicious-go-packages-found.html Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems Attackers are using typosquatted Go packages to deploy malware on Linux and macOS, targeting financial developers. https://appleinsider.com/articles/17/03/24/microsoft-word-macro-malware-automatically-adapts-attack-techniques-for-macos-windows Microsoft Word macro malware automatically adapts attack techniques for macOS, Windows |... A form of Word macro-based malware has been uncovered that can affect both macOS and Windows users when executed, with the malicious file modifying its attack... microsoft word macrofor macosmalwareautomatically https://www.trendmicro.com/vinfo/mx/security/news/cybercrime-and-digital-threats/macos-malware-poses-as-adobe-zii-steals-credit-card-info-and-mines-monero-cryptocurrency MacOS Malware Poses as Adobe Zii, Steals Credit Card Info and Mines Koto Cryptocurrency| Trend... We found a malicious app posing as Adobe Zii (a tool used to crack Adobe products) targeting macOS systems to mine cryptocurrency and steal credit card... https://appleinsider.com/articles/23/06/27/new-mysterious-macos-malware-infiltrates-crypto-exchange JokerSpy malware discovered that adds backdoor to macOS A new and strange macOS malware called "JokerSpy" has been identified, with its first known backdoor creation hitting a crypto exchange. malwarediscoveredaddsbackdoormacos https://www.securitymagazine.com/articles/101447-typosquatted-packages-delivering-malware-to-linux-and-macos-systems Typosquatted packages delivering malware to Linux and macOS systems | Security Magazine Research has identified a typosquatting campaign delivering malware to Linux and macOS systems. typosquattedpackagesdeliveringmalware https://www.jamf.com/blog/pyinstaller-malware-jamf-threat-labs/ Unpacking PyInstaller Malware on macOS Jamf Threat Labs discovers malware: learn how attackers are using PyInstallers to deploy infostealers. unpackingpyinstallermalwaremacos https://hackread.com/cracked-macos-software-laced-trojan-proxy-malware/ Cracked macOS Software Laced with New Trojan Proxy Malware Dec 8, 2023 - According to Kaspersky, threat actors are deploying a novel Proxy Trojan malware in cracked applications, distributed via unauthorized websites. macos softwarecrackedlacednewtrojan https://www.clamxav.com/ ClamXAV - Trusted Antivirus & Malware Scanner for macOS | Download Your Free Trial Protect your Mac with ClamXAV - trusted antivirus and malware scanner for macOS. Enjoy real-time protection, automatic updates and lightweight performance. Try... malware scannerfor macosclamxavtrustedantivirus https://www.infosecurity-magazine.com/news/flexibleferret-malware-macos-go/ New FlexibleFerret Malware Chain Targets macOS With Go Backdoor - Infosecurity Magazine Nov 25, 2025 - A new macOS malware chain using staged scripts and a Go-based backdoor has been attributed to FlexibleFerret, designed to steal credentials and maintain system... newmalwarechaintargets https://cyberinsider.com/new-lightspy-malware-variant-targets-macos-devices/ New LightSpy Malware Variant Targets macOS Devices | CyberInsider Jun 10, 2024 - A recent investigation by Huntress researchers has unveiled a previously unreported macOS variant of the LightSpy malware. newmalwarevarianttargetsmacos https://thehackernews.com/2022/08/xcsset-malware-updates-with-python-3-to.html XCSSET Malware Updates with Python 3 to Target macOS Monterey Users Hackers have updated the XCSSET malware to add support for macOS Monterey by updating the source code components to Python 3. python 3macos montereymalwareupdates https://www.incibe.es/incibe-cert/publicaciones/bitacora-de-seguridad/coldroot-malware-keylogger-macos Coldroot, un malware keylogger para macOS | INCIBE-CERT | INCIBE Patrick Wardle jefe en seguridad de Digital Security, ha revelado los detalles de un software malicioso que afecta a los sistemas operativos macOS, unmalwarekeyloggerparamacos https://thehackernews.com/2021/07/wildpressure-apt-emerges-with-new.html WildPressure APT Emerges With New Malware Targeting Windows and macOS WildPressure's APT Trojan has made a return with MacOS malware to target industries in the Middle East. aptnewmalwaretargetingwindows https://crypto.news/north-korean-hackers-target-macos-in-latest-malware-campaign-targeting-crypto-firms/ North Korean hackers target macOS in latest malware campaign targeting crypto firms Jul 3, 2025 - North Korean cybercriminals have been targeting crypto firms using a new strain of malware that exploits Apple devices in a multi-stage attack. north korean hackers https://www.macrumors.com/2017/04/28/mac-malware-apple-certificate-https-traffic/ Malware Uses Apple Developer Certificate to Infect MacOS and Spy on HTTPS Traffic - MacRumors A malware research team has discovered a new piece of Mac malware that reportedly affects all versions of MacOS and is signed with a valid developer... https://www.laptopmag.com/news/embargoed-dont-pub-macbook-users-beware-hackers-are-buying-dollar49-malware-to-execute-malicious-files-on-macos MacBook users beware! Hackers are buying $49 malware to wreak havoc on macOS | Laptop Mag Jul 21, 2021 - Check Point Research discovered a new malware strain that affects macOS device. Dubbed "XLoader," hackers can use it to execute malicious files on MacBooks.