
bogdanw

macrumors 603
Original poster
Mar 10, 2009
Bleeping Computer - "New Realst macOS malware steals your cryptocurrency wallets"
https://www.bleepingcomputer.com/ne...s-malware-steals-your-cryptocurrency-wallets/
"A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development.

The malware, first discovered by security researcher iamdeadlyz, is distributed to both Windows and macOS users in the form of fake blockchain games using names such as Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, Olymp of Reptiles, and SaintLegend.

For Mac users, the sites will distribute the Realst info-stealing malware, which targets Mac devices as PKG installers or DMG disk files containing the malicious Mach-O files but no real games or other decoy software.

The "game.py" file is a cross-platform Firefox infostealer and "installer.py" is "chainbreaker," an open-source macOS keychain database password, keys, and certificates extractor.

SentinelOne found that some samples are codesigned using valid (now revoked) Apple Developer IDs, or ad-hoc signatures, to bypass detection from security tools."
 