Executive Summary: Since September, Check Point Research (CPR) has been monitoring a new version of the Banshee macOS Stealer, a malware that steals browser credentials, cryptocurrency wallets, and other sensitive data. Undetected for over two months, Banshee’s latest version introduced string encryption taken from Apple’s XProtect, likely causing antivirus detection systems to overlook the malware Threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Chrome and Telegram. A key update in the new version removed a Russian language check, expanding the malware’s potential targets. The Banshee Stealer highlights the growing risks to macOS […]
The post Cracking the Code: How Banshee Stealer Targets macOS Users appeared first on Check Point Blog.