Cybersecurity experts at Check Point Research recently discovered a new variant of the Banshee infostealer malware that can bypass Apple’s built-in security measures on macOS devices. The malware, originally seen in mid-2024, is designed to steal sensitive information like system details, browser data, and cryptocurrency wallets. Banshee was initially offered as a service for $3,000 per month. Its source code was leaked in November 2024, leading to wider distribution by different hacking groups.
The latest version of Banshee incorporates Apple’s XProtect string encryption, making it harder to detect as it masquerades as normal system activity. This development suggests a new threat actor behind the malware. The campaign, which started in September 2024, went undetected for about two months. Distribution now occurs through GitHub repositories, where cybercriminals pass the malware off as legitimate software to trick unsuspecting users.
Check Point researchers warn that macOS, despite its security reputation, is increasingly targeted by sophisticated threats like Banshee. They recommend enhancing cybersecurity measures and staying vigilant. The threat actors behind Banshee are also targeting Windows users with a different malware called Lumma Stealer. The rise of these threats underscores the importance of robust cybersecurity practices in protecting against evolving cyber threats. (Via BleepingComputer)