Apple's Macs are generally considered more secure than Windows PCs, but they're not immune to hackers. Many incidents show that Macs are not immune to hacking, and a new one was recently added to the list. Security researchers have discovered a new type of stealth malware that targets browser credentials, cryptocurrency wallets, and other personal data. I This malware was reported in 2024 as well. Previously, it relied on macOS browser extensions to steal data. Now, it's using phishing sites and fake GitHub repositories to target Macs, which have a user base of 100 million people.
Introducing the latest and greatest AIRPODS PRO 2
Enter the giveaway by signing up for my account Free newsletter.
A person working on his Apple laptop (Kurt “CyberGuy” Knutson)
Develops malware that steals Mac information
Cybersecurity company Checkpoint Discover a new type of information-stealing malware, BanShee. Elastic Security Labs first highlighted this malware in mid-2024, noting that it operates as malware as a service, a business model in which cybercriminals provide access to malware and related infrastructure for a fee. At the time, it was available for up to $3,000 per month.
Check Point says this malware evolved in September after it was discovered. This time, its developers “stole” the string encryption algorithm from Apple's XProtect antivirus engine, which replaced the plain text strings used in the original version. Because antivirus software expects to see this type of encryption from legitimate Apple security tools, they are not flagged as suspicious, allowing BanShee to remain undetected and quietly steal data from targeted devices.
Woman working on her Apple desktop and laptop computer (Kurt “CyberGuy” Knutson)
4.3 million Americans suffered a massive health savings account data breach
How Mac malware works
BanShee Stealer is a prime example of how advanced malware has become. Once it gets into the system, it immediately starts stealing all kinds of sensitive information. It goes after data from browsers like Chrome, Brave, Edge, and Vivaldi, as well as cryptocurrency wallet extensions. So he takes advantage of Two-factor authentication (2FA) Extensions to obtain credentials. Furthermore, it collects details about the device's software and hardware, as well as the external IP address.
The Mac malware also tricks users with fake pop-ups that look like real system prompts, tricking victims into entering their macOS passwords. Once the stolen information is collected, BanShee leaks it to command and control servers, using encrypted and encrypted files to ensure the data remains secure.
The malware creators used GitHub repositories to deploy BanShee. They create fake repositories that appear to host popular software, complete with stars and reviews, to appear trustworthy. These campaigns didn't just target macOS users using BanShee. They also hit Windows users in a different way The malware is called Lumma Stealer. Over the course of three waves, attackers used these fake repositories to trick people into downloading their malicious files.
Woman working on her laptop (Kurt “CyberGuy” Knutson)
A massive security vulnerability that puts most popular browsers on Mac at risk
5 tips to protect yourself from Mac malware
Follow these essential tips to protect your Mac from the latest malware threats, including the infamous BanShee Stealer.
1) Have a powerful antivirus program: The best way to protect yourself from malicious links that install malware, and potentially access your private information, is to install antivirus software on all of your devices. This protection can also alert you to phishing emails and ransomware, keeping your personal information and digital assets safe. Get my picks for the best antivirus protection winners of 2025 for Windows, Mac, Android, and iOS.
2) Be careful about downloads and links: Download software only from trusted sources such as the Mac App Store or official websites of trusted developers. Be wary of unsolicited emails or messages asking you to download or install updates, especially if they contain links. Phishing attempts are often disguised as legitimate update notifications or urgent messages.
3) Keep your software up to date: Make sure macOS and all installed apps are up to date. Apple frequently releases security patches and updates to address vulnerabilities. Enable automatic updates for macOS and your apps to stay protected without having to manually check for updates. If you need more help, see my A guide on keeping all your devices updated.
4) Use strong and unique passwords: To protect your Mac from malware, it's also essential to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A Password manager They can be incredibly useful here; It creates complex passwords and stores them for you, making it difficult for hackers to crack.
It also keeps track of all your passwords in one place and auto-fills them when you log into accounts, so you don't have to remember them yourself. By reducing the number of passwords you need to remember, you are less likely to reuse them, reducing the risk of security breaches. Get more details about my country The best expert-reviewed password managers of 2025 are here.
5) Use two-factor authentication (2FA): maybe 2FA For your important accounts, including your Apple ID, email, and any financial services. This adds an extra step to the login process, making it difficult for attackers to gain access even if they have your password.
How to remove your private data from the Internet
Key takeaway for Kurt
No device is immune from cyber attacks when it comes to a human operator. Take BanShee Stealer, for example. It was able to target Macs not because of poor cybersecurity measures by Apple but because it successfully tricked users into installing it and granting the required permissions. Most breaches, hacks, and other cyberattacks stem from human error. This highlights the importance of maintaining basic cybersecurity hygiene. It's important to know what you're downloading, make sure it's from a trusted source, and carefully review the permissions you grant to any online service or app.
When downloading new software, how do you determine if it is safe to install? Do you rely on app store ratings, reviews, or something else? Let us know by writing to us at Cyberguy.com/Contact.
For more tech tips and security alerts, sign up for the free CyberGuy Report newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or tell us what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most frequently asked questions about CyberGuy:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
