
Security researchers warn against “undetectable” MacOS info-stealer

Marijan Hassan - Tech Journalist

MacOS, once considered a more secure alternative to Windows, is facing growing threats as cybercriminals target its expanding user base. The latest wake-up call is the Banshee MacOS Stealer, a highly sophisticated malware that operates undetected, stealing sensitive data from unsuspecting users.



According to Check Point Research (CPR), Banshee represents a new breed of stealthy threats, capable of bypassing macOS’s built-in security features like Gatekeeper and XProtect. Its rise underscores the need for users and businesses to reassess their cybersecurity strategies.


What makes Banshee info-stealer so dangerous?

Banshee, first observed in mid-2024, was initially sold as a "stealer-as-a-service" on underground forums. This allowed less technically skilled threat actors to purchase and deploy the malware for around $3,000.


Banshee’s evolution took another turn in September when its developers modified the malware to incorporate Apple’s own encryption algorithm. This allowed Banshee to evade detection for over two months, during which it was distributed through phishing websites and malicious GitHub repositories disguised as legitimate software like Chrome, Telegram, and TradingView.


In another twist, the malware’s source code was leaked on underground forums in November 2024, leading to its public shutdown. However, security researchers remain concerned that threat actors may pivot and create new variants.


Once on a system, Banshee Stealer operates with chilling precision:


  • Stealing Data: It targets a wide range of data, including browser credentials from popular browsers like Chrome, Brave, Edge, and Vivaldi, as well as data from cryptocurrency wallet extensions. It also collects macOS passwords and system details, such as external IP addresses and hardware information.

  • Tricking Users: The malware uses convincing pop-ups that mimic legitimate system prompts to trick users into providing their macOS passwords.

  • Evading Detection: Banshee employs anti-analysis techniques to bypass antivirus software and avoid detection by security tools.

  • Exfiltrating Data: Stolen data is sent back to command-and-control servers through encrypted files, making it difficult to track.


What we can learn from Banshee Stealer

Banshee’s success highlights a critical lesson for businesses and individual users alike: cyber threats are constantly evolving, and security measures must evolve with them. Despite the source code being leaked, resulting in increased detection of the malware, Check Point Research (CPR) has found that campaigns distributing Banshee are still active, often using phishing websites to spread the malware.


Protecting yourself

Banshee’s rise serves as a stark reminder that no operating system is immune to cyber threats. MacOS users must abandon the assumption of safety and adopt proactive cybersecurity measures, including:


  • Using advanced antivirus solutions that detect and neutralize emerging threats

  • Avoiding downloads from unverified sources, even if they appear legitimate

  • Educating employees about phishing tactics and fake system prompts
