New warning for millions of Apple users issued.
Update, January 12, 2025: This story, originally published on January 10, now includes more information from the Check Point research on changes made to the Apple macOS stealer malware, as well as comments from a number of security experts concerning this type of cyberattack.
Although Windows users have historically been more likely to be targeted by cyberattacks, and most of the Apple security stories we read tend to involve the iPhone in one way or another, new research suggests that 100 million macOS users are firmly in the crosshairs as cybercriminals seek to exploit the growing popularity of the operating system. Here is what you need to know about the newly discovered variant of the Banshee stealer threat.
What 100 million Apple users should know about the Banshee stealer
A new variant of the Banshee macOS stealer, capable of stealing browser credentials, cryptocurrency wallets and other sensitive data, has been monitored by security researchers since the end of last year. Now these Check Point threat intelligence experts have published a new report warning 100 million users of the real and present dangers posed by this attack campaign.
I am a relatively recent convert to the world of macOS, after buying the MacBook Pro a few years ago largely due to the security protections that the Apple ecosystem provides. I am not blind to the fact that this does not mean that anyone using macOS is somehow immune to attack; this is simply not the case. The Banshee stealer is sufficient proof, if anyone doubted it, that these stealer-as-a-service threats apply to Apple users as much as anyone.
“For $3,000,” Check Point researchers said, “threat actors could purchase this malware to target macOS users,” with the criminal developers having “stolen a string encryption algorithm from Apple’s own XProtect antivirus engine, which replaced the plain text strings used in the original version.” This probably allowed Banshee to avoid detection. However, when the source code of the malware was leaked on the dark web at the end of 2024, the service was shut down. Check Point said that this would lead to new variants, developed by other threat actors, emerging.
The Check Point report on the newly advanced Banshee stealer campaign warned that companies “should recognize the wider risks posed by modern malware,” including the potential for costly data breaches that compromise sensitive information and damage reputations.
Security experts speak out on the latest Banshee Apple macOS attacks
The return of the Banshee stealer malware, with its improved capacity to evade antivirus detection, represents a significant risk for organizations using macOS devices, according to Eric Schwake, director of cybersecurity strategy at Salt Security. “Despite the common conviction that Macs offer greater security,” said Schwake, “this incident emphasizes that organizations must adopt solid safety measures on all devices, regardless of their operating systems.” It is only by adopting a proactive position on macOS security that organizations can “reduce the risk of evolving threats such as Banshee stealer and protect their essential data and resources,” said Schwake. Such a proactive position involves implementing endpoint security solutions, applying strict password policies, educating staff on the risks of phishing and malware, and ensuring that all software is regularly updated with the latest security patches, concluded Schwake.
“Banshee Stealer is a clear indicator of evolving threats targeting macOS systems,” said James Scobey, the chief information security officer at Keeper Security, “which are traditionally considered to be safer than their PC counterparts and less susceptible to malware and viruses. Refine their techniques, including encryption methods inspired by native security tools,” continued Scobey, “it is obvious that companies can no longer rely on inherited assumptions about the security of platforms.”
In a much more detailed technical report on the Banshee Stealer threat, Antonis Terefos of Check Point said that it was the “relatively small update of the code for encryption of strings introduced by the Banshee developer” that led most antivirus engines to fail to detect this dangerous macOS infostealer for more than two months. “This illustrates the growing trend of threat actors targeting macOS users as well as the expansion of their arsenal and their capacities with malware and tools for different operating systems.”
Meanwhile, Jaron Bradley, director of Jamf Threat Labs, warned that his own threat intelligence had observed a significant increase in credential stealer campaigns in 2023. “These campaigns were very successful even on the macOS platform,” said Bradley, “the success of these stealers is mainly motivated by social engineering, where attackers convince users to execute malware themselves.” The lesson to be learned is as obvious as it is old: whatever the robustness of operating system security measures, attackers can often bypass them by presenting users with a convincing reason to act. “This also underlines that if Apple’s XProtect rules are effective in detecting known malware,” said Bradley, “they are closely monitored by malicious software authors, allowing them to adapt and escape detection in future iterations using creative methods.”
Apple macOS users must pay attention – or suffer the security consequences
While conceding that Apple does a good job of including robust security protections for macOS users, such as Gatekeeper, XProtect and sandboxing, the Check Point researchers have warned that the resurgence and rise of the Banshee stealer is a reminder “that no operating system is immune to threats.” macOS users who ignore this warning do so at their own risk. Indeed, the “success of Banshee demonstrates the importance for users of macOS to remain vigilant,” said Antonis Terefos of Check Point, adding that “it is crucial that security solutions evolve and offer better protection against increasingly sophisticated attacks as threat actors continue to extend their scope.”
Indeed, Banshee operates undetected and blends seamlessly with perfectly normal system processes, all the while stealing browser credentials, cryptocurrency wallets, user passwords and sensitive file data. “Even seasoned IT professionals find it difficult to identify its presence,” warned the Check Point report. “Banshee Stealer is not just another piece of malicious software – it is a critical warning for users to reassess their security assumptions and take proactive measures to protect their data.”
The latest Banshee variant targets web browsers, including Chrome, Brave, Edge and Vivaldi, as well as browser extensions for cryptocurrency wallets. “It also exploits a two-factor authentication extension to capture sensitive credentials,” said the report, adding that it “uses convincing pop-ups designed to look like legitimate system prompts to trick users into entering their macOS passwords.”
“This new Banshee Stealer variant exposes a critical shortcoming in Mac security,” said Ngoc Bui, cybersecurity expert at Menlo Security, “while businesses are increasingly adopting Apple ecosystems, security tools have not kept pace.”
Then there is privileged access management, which can no longer sit in the nice-to-have category for business users; it has quickly become an essential pillar of modern cybersecurity. The Banshee stealer threat only reinforces this warning. “By restricting access and ensuring that elevated permissions are only granted when necessary,” said Scobey, “privileged access management considerably reduces the attack surface for threats like Banshee.” When combined with endpoint protection and robust password management, it creates a formidable barrier against such exploits. “The time has come for companies to move from reactive security strategies to proactive security strategies,” agreed Scobey, concluding that “malicious software like Banshee feeds on gaps in vigilance and access controls. By prioritizing advanced tools, user education and layered defenses, organizations can stay ahead in the race against evolving cyber threats.”
I contacted Apple for a statement.