Apple users warned of hi-tech Mac malware

Started by: David <BD@invalid.email>
First post: 2025-02-17 00:02 +0000
Last post: 2025-02-17 15:03 -0800
Articles: 12 — 3 participants



Contents

  Apple users warned of hi-tech Mac malware David <BD@invalid.email> - 2025-02-17 00:02 +0000
    Apple users warned of hi-tech Mac malware David <BD@invalid.email> - 2025-02-17 00:05 +0000
      Re: Apple users warned of hi-tech Mac malware FromTheRafters <FTR@nomail.afraid.org> - 2025-02-17 05:41 -0500
        Re: Apple users warned of hi-tech Mac malware David <BD@invalid.email> - 2025-02-17 14:15 +0000
          Re: Apple users warned of hi-tech Mac malware FromTheRafters <FTR@nomail.afraid.org> - 2025-02-17 13:58 -0500
            Re: Apple users warned of hi-tech Mac malware David <BD@invalid.email> - 2025-02-17 19:48 +0000
              Re: Apple users warned of hi-tech Mac malware Mike Easter <MikeE@ster.invalid> - 2025-02-17 16:32 -0800
                Re: Apple users warned of hi-tech Mac malware David <BD@invalid.email> - 2025-02-18 08:17 +0000
        Re: Apple users warned of hi-tech Mac malware Mike Easter <MikeE@ster.invalid> - 2025-02-17 12:34 -0800
          Re: Apple users warned of hi-tech Mac malware Mike Easter <MikeE@ster.invalid> - 2025-02-17 14:21 -0800
            Re: Apple users warned of hi-tech Mac malware David <BD@invalid.email> - 2025-02-17 22:31 +0000
              Re: Apple users warned of hi-tech Mac malware Mike Easter <MikeE@ster.invalid> - 2025-02-17 15:03 -0800

#180252 — Apple users warned of hi-tech Mac malware

From: David <BD@invalid.email>
Date: 2025-02-17 00:02 +0000
Subject: Apple users warned of hi-tech Mac malware
Message-ID: <m1fckgF87jmU6@mid.individual.net>

Apple users warned of hi-tech Mac malware that steals personal data, 
goes undetected for months — here’s how to stay safe:-

https://nypost.com/2025/01/11/tech/apple-users-warned-of-hi-tech-mac-malware-that-steals-personal-data-goes-undetected-for-months-heres-how-to-stay-safe

//An estimated 100 million Apple users are at risk of falling victim to 
malware.

Cybersecurity software company Check Point issued an urgent warning to
the millions of Mac users around the world who may be preyed on by
malicious actors evading the devices’ built-in antivirus systems.

According to the company, cybercriminals have developed malware, dubbed
the “Banshee macOS Stealer,” which secretly steals credentials and other
sensitive data while operating undetected for more than months.//

There's more ......

-- 
David



#180253

From: David <BD@invalid.email>
Date: 2025-02-17 00:05 +0000
Message-ID: <m1fcpdF87jmU7@mid.individual.net>
In reply to: #180252

On 17/02/2025 00:02, David wrote:
> Apple users warned of hi-tech Mac malware that steals personal data, 
> goes undetected for months — here’s how to stay safe:-
> 
> https://nypost.com/2025/01/11/tech/apple-users-warned-of-hi-tech-mac- 
> malware-that-steals-personal-data-goes-undetected-for-months-heres-how- 
> to-stay-safe
> 
> //An estimated 100 million Apple users are at risk of falling victim to 
> malware.
> 
> Cybersecurity software company Check Point issued an urgent warning to
> the millions of Mac users around the world who may be preyed on by
> malicious actors evading the devices’ built-in antivirus systems.
> 
> According to the company, cybercriminals have developed malware, dubbed
> the “Banshee macOS Stealer,” which secretly steals credentials and other
> sensitive data while operating undetected for more than months.//
> 
> There's more ......

Shared with folk on ACW

-- 
David



#180276

From: FromTheRafters <FTR@nomail.afraid.org>
Date: 2025-02-17 05:41 -0500
Message-ID: <vov3o3$13tet$1@dont-email.me>
In reply to: #180253

David pretended :
> On 17/02/2025 00:02, David wrote:
>> Apple users warned of hi-tech Mac malware that steals personal data, goes 
>> undetected for months — here’s how to stay safe:-
>> 
>> https://nypost.com/2025/01/11/tech/apple-users-warned-of-hi-tech-mac- 
>> malware-that-steals-personal-data-goes-undetected-for-months-heres-how- 
>> to-stay-safe
>> 
>> //An estimated 100 million Apple users are at risk of falling victim to 
>> malware.
>> 
>> Cybersecurity software company Check Point issued an urgent warning to
>> the millions of Mac users around the world who may be preyed on by
>> malicious actors evading the devices’ built-in antivirus systems.
>> 
>> According to the company, cybercriminals have developed malware, dubbed
>> the “Banshee macOS Stealer,” which secretly steals credentials and other
>> sensitive data while operating undetected for more than months.//
>> 
>> There's more ......
>
> Shared with folk on ACW

I found no meat in that sandwich, I found this though:

https://www.intego.com/mac-security-blog/banshee-stealer-mac-malware-resurfaced-in-new-campaigns/



#180282

From: David <BD@invalid.email>
Date: 2025-02-17 14:15 +0000
Message-ID: <m1guk5FfjgvU1@mid.individual.net>
In reply to: #180276

On 17/02/2025 10:41, FromTheRafters wrote:
> David pretended :
>> On 17/02/2025 00:02, David wrote:
>>> Apple users warned of hi-tech Mac malware that steals personal data, 
>>> goes undetected for months — here’s how to stay safe:-
>>>
>>> https://nypost.com/2025/01/11/tech/apple-users-warned-of-hi-tech-mac- 
>>> malware-that-steals-personal-data-goes-undetected-for-months-heres- 
>>> how- to-stay-safe
>>>
>>> //An estimated 100 million Apple users are at risk of falling victim 
>>> to malware.
>>>
>>> Cybersecurity software company Check Point issued an urgent warning to
>>> the millions of Mac users around the world who may be preyed on by
>>> malicious actors evading the devices’ built-in antivirus systems.
>>>
>>> According to the company, cybercriminals have developed malware, dubbed
>>> the “Banshee macOS Stealer,” which secretly steals credentials and other
>>> sensitive data while operating undetected for more than months.//
>>>
>>> There's more ......
>>
>> Shared with folk on ACW
> 
> I found no meat in that sandwich, I found this though:
> 
> https://www.intego.com/mac-security-blog/banshee-stealer-mac-malware- 
> resurfaced-in-new-campaigns/

Thank you.

Are you persuaded to pay for anti-malware software for your Macbook Pro?

-- 
David



#180290

From: FromTheRafters <FTR@nomail.afraid.org>
Date: 2025-02-17 13:58 -0500
Message-ID: <vp00rt$198gh$1@dont-email.me>
In reply to: #180282

David pretended :
> On 17/02/2025 10:41, FromTheRafters wrote:
>> David pretended :
>>> On 17/02/2025 00:02, David wrote:
>>>> Apple users warned of hi-tech Mac malware that steals personal data, goes 
>>>> undetected for months — here’s how to stay safe:-
>>>>
>>>> https://nypost.com/2025/01/11/tech/apple-users-warned-of-hi-tech-mac- 
>>>> malware-that-steals-personal-data-goes-undetected-for-months-heres- how- 
>>>> to-stay-safe
>>>>
>>>> //An estimated 100 million Apple users are at risk of falling victim to 
>>>> malware.
>>>>
>>>> Cybersecurity software company Check Point issued an urgent warning to
>>>> the millions of Mac users around the world who may be preyed on by
>>>> malicious actors evading the devices’ built-in antivirus systems.
>>>>
>>>> According to the company, cybercriminals have developed malware, dubbed
>>>> the “Banshee macOS Stealer,” which secretly steals credentials and other
>>>> sensitive data while operating undetected for more than months.//
>>>>
>>>> There's more ......
>>>
>>> Shared with folk on ACW
>> 
>> I found no meat in that sandwich, I found this though:
>> 
>> https://www.intego.com/mac-security-blog/banshee-stealer-mac-malware- 
>> resurfaced-in-new-campaigns/
>
> Thank you.
>
> Are you persuaded to pay for anti-malware software for your Macbook Pro?

Not yet.



#180295

From: David <BD@invalid.email>
Date: 2025-02-17 19:48 +0000
Message-ID: <m1hi3uFik5sU1@mid.individual.net>
In reply to: #180290

On 17/02/2025 18:58, FromTheRafters wrote:
> David pretended :
>> On 17/02/2025 10:41, FromTheRafters wrote:
>>> David pretended :
>>>> On 17/02/2025 00:02, David wrote:
>>>>> Apple users warned of hi-tech Mac malware that steals personal 
>>>>> data, goes undetected for months — here’s how to stay safe:-
>>>>>
>>>>> https://nypost.com/2025/01/11/tech/apple-users-warned-of-hi-tech- 
>>>>> mac- malware-that-steals-personal-data-goes-undetected-for-months- 
>>>>> heres- how- to-stay-safe
>>>>>
>>>>> //An estimated 100 million Apple users are at risk of falling 
>>>>> victim to malware.
>>>>>
>>>>> Cybersecurity software company Check Point issued an urgent warning to
>>>>> the millions of Mac users around the world who may be preyed on by
>>>>> malicious actors evading the devices’ built-in antivirus systems.
>>>>>
>>>>> According to the company, cybercriminals have developed malware, 
>>>>> dubbed
>>>>> the “Banshee macOS Stealer,” which secretly steals credentials and 
>>>>> other
>>>>> sensitive data while operating undetected for more than months.//
>>>>>
>>>>> There's more ......
>>>>
>>>> Shared with folk on ACW
>>>
>>> I found no meat in that sandwich, I found this though:
>>>
>>> https://www.intego.com/mac-security-blog/banshee-stealer-mac-malware- 
>>> resurfaced-in-new-campaigns/
>>
>> Thank you.
>>
>> Are you persuaded to pay for anti-malware software for your Macbook Pro?
> 
> Not yet.

OK. Thanks.



#180311

From: Mike Easter <MikeE@ster.invalid>
Date: 2025-02-17 16:32 -0800
Message-ID: <m1i2o7Fl1a1U1@mid.individual.net>
In reply to: #180295

BDB wrote:
> FTR wrote:
>> David pretended :
>>>>
>>> Are you persuaded to pay for anti-malware software for your Macbook Pro?
>>
>> Not yet.
> 
> OK. Thanks.

I predict FTR does a lot less 'stupid stuff' on his Mac than you do BDB.

Behavior has a lot to do w/ the risks of being on the internet.

The idea that you can act however you want to and just format the drive 
and reinstall periodically is NOT good strategy.


-- 
Mike Easter



#180317

From: David <BD@invalid.email>
Date: 2025-02-18 08:17 +0000
Message-ID: <m1iu19Fojf3U2@mid.individual.net>
In reply to: #180311

On 18/02/2025 00:32, Mike Easter wrote:
> BDB wrote:
>> FTR wrote:
>>> David pretended :
>>>>>
>>>> Are you persuaded to pay for anti-malware software for your Macbook 
>>>> Pro?
>>>
>>> Not yet.
>>
>> OK. Thanks.
> 
> I predict FTR does a lot less 'stupid stuff' on his Mac than you do BDB.

I agree, 100%

> Behavior has a lot to do w/ the risks of being on the internet.

Again, I agree.

> The idea that you can act however you want to and just format the drive 
> and reinstall periodically is NOT good strategy.

Please explain WHY you think that, Mike.

-- 
ChatGPT says ....

You're absolutely right. Relying on periodic reinstalls as a way to deal 
with bad security practices, poor system maintenance, or reckless 
software installations is a terrible strategy. Some reasons why include:

1. **Data Loss Risks** – Even with backups, there’s always a chance of 
losing something important.
2. **Malware Persistence** – Some malware can survive reinstalls by 
hiding in firmware or infecting backups.
3. **Time-Consuming** – Reinstalling and setting everything up again 
takes time that could be saved by proper maintenance.
4. **Hardware Wear** – Constantly writing large amounts of data during 
reinstalls contributes to SSD wear.
5. **Bad Habits Stay** – If someone keeps making the same mistakes, 
reinstalling won’t fix the root problem.

A better approach is to maintain good security habits, use backups 
properly, and troubleshoot issues instead of nuking the system every 
time something goes wrong.



#180296

From: Mike Easter <MikeE@ster.invalid>
Date: 2025-02-17 12:34 -0800
Message-ID: <m1hkrcFiu5aU1@mid.individual.net>
In reply to: #180276

FTR wrote:
> I found no meat in that sandwich, I found this though:
> 
> https://www.intego.com/mac-security-blog/banshee-stealer-mac-
> malware- resurfaced-in-new-campaigns/

That article has an interesting section:

> How can I keep my Mac safe from stealer malware?

The site is actually a promotional one for an antimalware Intego.  Not
only is it a 'counter-balance' to the idea of Macs not needing 3rd party
ware, but it also takes a smack at one of BDB's faves, namely VT, which
doesn't include Intego:

> Notably, Intego’s VirusBarrier engine is not one of the more than 60
> engines on VirusTotal. Intego did not have an extended gap in
> Banshee Stealer variant detection, unlike many other antivirus
> companies seem to have had. In fact, Intego was already detecting
> the supposedly “new” variants several months before the latest
> reports hit the news cycle.

I was curious about which engines were detecting that malware; sortofa 
when did what ware, including Mac's, start being able to detect the 
family.  I don't know how to use VT to see that; maybe somewhere else 
there is a specific article whose purpose isn't just to promote Intego.



-- 
Mike Easter



#180301

From: Mike Easter <MikeE@ster.invalid>
Date: 2025-02-17 14:21 -0800
Message-ID: <m1hr35Fjuv3U1@mid.individual.net>
In reply to: #180296

Mike Easter wrote:
> maybe somewhere else there is a specific article whose purpose isn't 
> just to promote Intego.

This site has more than anyone should want to know about this malware. 
I don't really understand the idea of the ware's 'stealing' of Mac's 
XProtect 'string'.

https://research.checkpoint.com/2025/banshee-macos-stealer-that-stole-code-from-macos-xprotect/

> Banshee: The Stealer That “Stole Code” From MacOS XProtect

Bleeping Computer's explanation is easier to get:

https://www.bleepingcomputer.com/news/security/banshee-stealer-evades-detection-using-apple-xprotect-encryption-algo/

> Banshee stealer evades detection using Apple XProtect encryption algo



-- 
Mike Easter



#180303

From: David <BD@invalid.email>
Date: 2025-02-17 22:31 +0000
Message-ID: <m1hrl6Fjft2U3@mid.individual.net>
In reply to: #180301

On 17/02/2025 22:21, Mike Easter wrote:
> Mike Easter wrote:
>> maybe somewhere else there is a specific article whose purpose isn't 
>> just to promote Intego.
> 
> This site has more than anyone should want to know about this malware. I 
> don't really understand the idea of the ware's 'stealing' of Mac's 
> XProtect 'string'.
> 
> https://research.checkpoint.com/2025/banshee-macos-stealer-that-stole- 
> code-from-macos-xprotect/
> 
>> Banshee: The Stealer That “Stole Code” From MacOS XProtect
> 
> Bleeping Computer's explanation is easier to get:
> 
> https://www.bleepingcomputer.com/news/security/banshee-stealer-evades- 
> detection-using-apple-xprotect-encryption-algo/
> 
>> Banshee stealer evades detection using Apple XProtect encryption algo

Frightening, eh?!!! ;-)

Well, it should be ....... for users of Mac computers!

-- 
David



#180304

From: Mike Easter <MikeE@ster.invalid>
Date: 2025-02-17 15:03 -0800
Message-ID: <m1htivFk554U3@mid.individual.net>
In reply to: #180303

David wrote:
> Frightening, eh?!!! 😉
> 
> Well, it should be ....... for users of Mac computers!

If you read about or pay attention to how it is 'distributed' and 
installed, you might feel a little less frightened.

The whole idea is to foist malware on people who are trying to get 
cracks of copyrighted s/w.

If you aren't that type, it seems that you wouldn't be likely to come 
across an offer to give you something to install the malware, unbeknownst.

-- 
Mike Easter
