Security researchers have warned that a new variant of the Banshee credential-stealer is targeting Apple’s 100 million macOS users. Here’s what you need to know.
Update, Jan. 11, 2025: This story, originally published Jan. 10, now includes comments from a number of security experts about the new Banshee Stealer threat to Apple macOS users.as cybercriminals look to exploit the growing popularity of the operating system.
Here’s what you need to know about the newly discovered Banshee Stealer threat variant. A new variant of the macOS Banshee Stealer threat, capable of hacking browser credentials, cryptocurrency wallets and other sensitive data, has been monitored by security researchers since late last year. Now those threat intelligence experts at Check Point Research have published aI’m a relatively recent convert to the world of macOS, having bought into the MacBook Pro a couple of years ago in no small part due to thethat the Apple ecosystem brings. I’m not blind to the fact that this doesn’t mean anyone using macOS is somehow immune to attack, that simply isn’t the case. The Banshee Stealer is proof enough if anyone were doubtful that such stealer-as-a-service threats apply to Apple users as much as anyone else. “For $3,000,” Check Point researchers said, “threat actors could purchase this malware to target macOS users,” with the criminal developers having “stolen a string encryption algorithm from Apple’s own XProtect antivirus engine, which replaced the plain text strings used in the original version.” This likely made it easier for Banshee to avoid detection. However, when the source code to the malware was leaked on the dark web late in 2024, the service was shut down. Check Point said at the time it would lead to new variants, developed by other threat actors, emerging; it has been proved right.The return of Banshee Stealer malware, with its improved antivirus detection capabilities, represents a significant risk for organizations using macOS devices, according to Eric Schwake, director of cybersecurity strategy at Salt Security. “Despite the common belief that Macs offer greater security,” Schwake said, “this incident emphasizes that organizations must adopt strong security measures across all devices, independent of their operating systems.” Only by adopting a proactive stance on macOS security can organizations “lessen the risk from evolving threats like Banshee Stealer and safeguard their essential data and resources,” Schwake said. Such a proactive stance entails implementing endpoint security solutions, enforcing strict password policies, educating staff about phishing and malware risks, and ensuring all software is regularly updated with the latest security patches, Schwake concluded. Meanwhile, Jaron Bradley, director of the Jamf threat labs, warned that its own threat intelligence had observed a significant rise in credential stealer campaigns gaining momentum across 2023. “These campaigns have proven highly successful, even on the macOS platform,” Bradley said, “the success of these stealers is primarily driven by social engineering, where attackers convince users to execute the malware themselves.” The lesson to be learned is as obvious as it is old: no matter how robust the operating system’s security measures are, attackers can often bypass them by presenting users with a convincing reason to act. “It also underscores that while Apple’s XProtect rules are effective at detecting known malware,” Bradley said, “they are closely monitored by malware authors, allowing them to adapt and evade detection in future iterations using creative methods.”While conceding that Apple does a good job at including robust security protections for macOS users, such as Gatekeeper, XProtect, and sandboxing, the Check Point researchers have warned that the rebirth and rise of Banshee Stealer “serves as a reminder that no operating system is immune to threats.” The macOS users who ignore this warning do so at their own peril. That’s because Banshee operates undetected and blends seamlessly with perfectly normal system processes, yet all the time, it is stealing browser credentials, cryptocurrency wallets, user passwords, and sensitive file data. “Even seasoned IT professionals struggle to identify its presence,” the Check Point report warned, “Banshee stealer isn’t just another piece of malware—it’s a critical warning for users to reassess their security assumptions and take proactive measures to safeguard their data.” The latest Banshee variant targets web browsers, including Chrome, Brave, Edge, and Vivaldi, along with browser extensions for cryptocurrency wallets. “It also exploits a Two-Factor Authentication extension to capture sensitive credentials,” the report said, adding that it “utilizes convincing pop-ups designed to look like legitimate system prompts to trick users into entering their “This new Banshee Stealer variant exposes a critical gap in Mac security,” Ms. Ngoc Bui, a cybersecurity expert at Menlo Security, said, “While companies are increasingly adopting Apple ecosystems, the security tools haven't kept pace. We need a multi-layered approach to security, including more trained hunters on Mac environments.”Our community is about connecting people through open and thoughtful conversations. We want our readers to share their views and exchange ideas and facts in a safe space.Insults, profanity, incoherent, obscene or inflammatory language or threats of any kindContinuous attempts to re-post comments that have been previously moderated/rejectedAttempts or tactics that put the site security at riskProtect your community.
Apple Warning Macos Macos Security Warning Macos Security Banshee Attack Banshee Apple Credential Hack Apple Hack Macbook Hack
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
9 Amazing 100-Year-Olds Reveal Their Longevity SecretsA. Pawlowski is a TODAY health reporter focusing on health news and features. Previously, she was a writer, producer and editor at CNN.
Read more »
US firm’s 100% silicon EV battery offers 50% more power, charges in 10 minsUS startup unveils silicon anode batteries with 50% higher energy density, 1,200 cycle life, and 10-minute EV charging, using SCC55 material.
Read more »
Astana 1-3 Chelsea: Guiu brace & Veiga ensure Blues maintain 100% Conference League rChelsea overcame the freezing conditions to beat FC Astana in the Conference League on Thursday evening.
Read more »
Red Flag Warning Issued for Los Angeles and Ventura Counties Due to Critical Fire ConditionsThe National Weather Service issued a Red Flag Warning for parts of Los Angeles and Ventura Counties due to strong winds and dry conditions, creating a high risk of wildfire.
Read more »
Critical Gmail Hack Attack Warning: How Phishing and AI Scams Can Cost You $500,000This article warns about a critical Gmail hack attack trend, highlighting how phishing and AI-powered scams can lead to significant financial losses. It details a $500,000 cryptocurrency theft case where a user's Gmail account was compromised through a combination of convincing phone calls, email alerts, and Google recovery prompts. The article emphasizes the importance of vigilance and awareness, even for security-conscious individuals.
Read more »
Nasdaq 100 Bears Have Critical Support at 21K in Crosshairs Ahead of Jobs DataStocks Analysis by Investing.com (Damian Nowiszewski) covering: Nasdaq 100, S&P 500, DAX, Nasdaq 100 Futures. Read Investing.com (Damian Nowiszewski)'s latest article on Investing.com
Read more »