金色财经
金色财经|4月 22, 2026 10:42
[SlowMist: Highly Destructive Malware Detected on macOS, Capable of Stealing Sensitive Data Including Crypto Wallets] Reported by Jinse Finance on April 22, according to monitoring by SlowMist, a highly destructive malware named 'MacSync Stealer' (v1.1.2) is currently active. This malware targets macOS users and steals sensitive data, including crypto wallets, browser credentials, system keychains, and infrastructure keys (SSH/AWS/K8s). The malware employs phishing tactics using fake AppleScript system dialogs and displays a fake 'unsupported' error message after data exfiltration. The IOC (Indicator of Compromise) has already been promptly synchronized with clients. SlowMist advises users not to execute unverified macOS scripts and to remain highly vigilant against unexpected system password prompts. If an attack is suspected, immediate remediation is required: change all infrastructure credentials (SSH/AWS/K8s), invalidate exposed keychains, and swiftly migrate crypto assets to secure wallets.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads