Bad news for MacBook owners. They are facing an insidious enemy. Malware called “MetaStealer” causes trouble by stealing data. Hackers designed software that also managed to masquerade as legitimate application installers. It is used to attack businesses with techniques and steal data from MacBooks.
MacBook owners should be wary of MetaStealers hackers!
Malware attacks on macOS continue to be a problem. So why can attacks cause so much damage? Unfortunately, the reason behind the success of the attacks is that they force users to open executable files. These attacks are called “MetaStealer” by macOS information thieves. Researchers have figured out how this thief software works. He published a report detailing it. This report explains how this phishing software works to trick users into opening their disk images.
Unfortunately MetaStealers are very professional about naming. The disk image file that holds the load is usually given names that may be of interest to users. What else are there among the examples? From presentation names to concept menus containing dishes and English translations, there is much more. They even went further. “They are even spoofing the names of installers of Adobe products such as Lucasprop and Photoshop, which have a contract and confidentiality agreement for payers.
Urgent security update for iOS 16.5.1 and macOS 13.4.1 from Apple!
Apple quickly released a security update after the vulnerability appeared shortly after iOS 16.5.1.
In fact, the effort to perform an installation is becoming more and more difficult for hackers through various means every day. The disk image contains the minimum content that will exist beyond the payload. Therefore, the file also does not contain an Apple Developer ID string.
These create extra obstacles. So attackers need to somehow convince the potential victim to override Gatekeeper and OCSP. The collected samples are all single-architecture Intel x86_64 binaries. So while these can be used directly on Intel Macs, they need to use Rosetta to run on Apple Silicon Macs.
Users need to be careful when opening suspicious files sent by others or downloaded from unofficial sources. Apple has already implemented some protective measures. Apple designed part of the XProtect x2170 update to include a detection signature that affects some versions of MetaStealer.