A new form of malware has been making the rounds on the web and stealing business data from Intel-based Mac computers.
Hackers are allegedly using malware called ‘MetaStealer’ and having it pose as a legitimate app installer. Researchers explain how ‘MetaStealer’ works and its primary mode of action. SentinelOne’s Phil Stokes said attackers are hacking into targeted businesses that are running macOS by posing as fake clients.
Users are coerced into installing the malware through social engineering, with samples revealing that the image file carries a payload that provides hackers with a list of names for interested businesses. A single executable isn’t enough to get the computer hacked, as victims will still need to override OCSP and Gatekeeper.
Business and Mac computer owners are advised not to open any suspicious emails or files. Apple has responded to the malware by releasing update X2170 for XProtect to detect MetaStealer signatures and block the threat.