New CrashStealer malware poses as Apple crash reporting tool

Summary

A new macOS information-stealing malware named CrashStealer has been discovered. It disguises itself as Apple's legitimate crash-reporting tool to trick users into installing it, subsequently stealing sensitive data such as credentials, keychain information, and cryptocurrency wallet details.

IFF Assessment

FOE

This malware poses a direct threat to user data and system security by impersonating a trusted application.

Defender Context

Defenders should be aware of this new macOS threat that leverages social engineering by mimicking a system tool. This highlights the need for vigilant user education on identifying and reporting suspicious software, as well as robust endpoint detection and response (EDR) solutions capable of detecting novel malware behavior.

Read Full Story →