Infostealers targeting macOS are growing more sophisticated, allowing them to evade the malware protection Apple builds into the operating system. Attackers have become better at getting past static signature-detection engines such as the platform’s proprietary XProtect, which makes malicious programs harder to detect.
Currently, three active stealers, KeySteal, Atomic Infostealer, and CherryPie, have been able to get around multiple detection engines. Variants of the first two stealers currently evade XProtect, SentinelOne researchers revealed in a blog post earlier this week.
In macOS, XProtect is a built-in antivirus program that searches downloaded files and apps for malware signatures and then removes any that contain malware.
Information stealers targeting the macOS operating system have increased since the beginning of 2023, with many threat actors actively targeting Apple devices.
Many versions of Atomic Stealer, macOS MetaStealer, RealStealer, and many others have been discovered in the past year. Apple has updated XProtect, the antivirus signature database built into macOS, which indicates that Apple has taken steps to block these infostealers.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents