New macOS Malware Disguised as Leaked GTA 6 Game

A new macOS malware disguised as a leaked version of the GTA 6 game has been discovered.

The malware tricks users into installing it by posing as the leaked game.

Once installed, the malware steals sensitive data such as passwords and cryptocurrency wallet information.

Users are advised to only download macOS software from the App Store and to never bypass the Gatekeeper security system.

Details:

The malware, discovered by researchers at Moonlock, is a type of PSW (password-stealing) Trojan. It is disguised as either a leaked version of the GTA 6 game or a cracked version of the Notion software.

Once installed, the malware creates a Mach-O file called AppleApp that sends a GET request to a specific IP address that appears to be located in Russia.

If the connection succeeds, the malware proceeds to its goals, which include extracting usernames, passwords and confidential information.

To access the Keychain database, which can only be opened with the computer’s password, the malware displays a fake page that resembles the default macOS floating window shown when installing an application. When the user enters their system password, the hackers obtain the Keychain information as well.

The malware also extracts cookie details, form history, and usernames and passwords from popular browsers such as Chrome, Edge, Firefox, Brave, Opera, and Opera GX. It also searches for recent server lists from FileZilla and macOS Keychain, as well as cryptocurrency wallets.

To protect against this and other malware, users are advised to only download macOS software from the App Store and to never bypass the Gatekeeper security system.
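For anyone checking a Mac after the fact, the one file-level indicator given above is a Mach-O file named AppleApp. The sweep below is an added example, not code from Moonlock or from the original article; the article does not say where the file is written, so the directories to search (the home directory by default) are an assumption.

```python
import os
import sys

# First four bytes of Mach-O and universal ("fat") binaries as stored on disk.
MACHO_MAGICS = {
    bytes.fromhex("feedface"), bytes.fromhex("cefaedfe"),  # 32-bit, both byte orders
    bytes.fromhex("feedfacf"), bytes.fromhex("cffaedfe"),  # 64-bit, both byte orders
    bytes.fromhex("cafebabe"), bytes.fromhex("bebafeca"),  # universal (fat) binary
}

IOC_NAME = "AppleApp"  # file name reported in the article


def is_macho(path):
    """Return True if the file starts with a Mach-O or fat-binary magic number."""
    try:
        with open(path, "rb") as f:
            return f.read(4) in MACHO_MAGICS
    except OSError:
        # Unreadable or missing files are not reported as hits.
        return False


def find_suspects(roots, name=IOC_NAME):
    """Walk each root and return paths of regular files called `name` that are Mach-O."""
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            if name in files:
                candidate = os.path.join(dirpath, name)
                if os.path.isfile(candidate) and is_macho(candidate):
                    hits.append(candidate)
    return sorted(hits)


if __name__ == "__main__":
    # Assumption: search roots come from the command line, else the home directory.
    roots = sys.argv[1:] or [os.path.expanduser("~")]
    suspects = find_suspects(roots)
    for path in suspects:
        print("Mach-O file named", IOC_NAME, "found:", path)
    if not suspects:
        print("No Mach-O file named", IOC_NAME, "under", ", ".join(roots))
```

A hit is a lead for further triage rather than proof of infection, and a clean result does not rule out a variant that uses a different file name.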
