macOS stealers have gotten an more and more frequent sort of malware on the Mac, in line with the 2025 State of Malware report that Malwarebytes shared this week.
Most Mac malware has traditionally been VSearch adware or the Genieo browser hijacker, however extra malicious malware is on the rise, and 2024 noticed a brand new wave of knowledge stealing malware hit the Mac.
Stealers are designed to find bank card data, authentication cookies, cryptocurrency, passwords, and different helpful knowledge that criminals can use to earn money.
Malicious apps that steal data are usually put in when a Mac consumer searches for a professional software program product after which makes use of a malicious Google or Bing search advert to obtain an infested duplicate model of the software program they sought. Attackers are capable of ship focused adverts for malicious software program primarily based on location, working system, software program, and search phrases.
Atomic Stealer (AMOS), an data stealer that surfaced in 2023, is used recurrently, and a model of AMOS known as Poseidon has turning into more and more standard with criminals. Poseidon is marketed as having the ability to steal cryptocurrency from greater than 160 wallets in addition to passwords from internet browsers and choose password managers. Poseidon downloads have masqueraded as professional Mac apps just like the Arc Browser, tricking unsuspecting Mac customers into putting in the malware.
Malwarebytes warns that macOS stealers like Poseidon permit criminals to entry delicate sources, steal credentials, and create convincing social engineering assaults.
To keep away from this type of assault, it is very important confirm the place software program is being downloaded from, guaranteeing that it comes from a professional developer and never an imitation web site.