macOS Trojan Upgrades: Spreading Through Signed Apps, Crypto Users Face More Covert Risk
BlockBeats News, December 23: SlowMist Chief Security Officer 23pds shared a post stating that the MacSync Stealer malware active on the macOS platform has undergone significant evolution, with user assets already being stolen. According to the article he shared, the malware has moved from earlier low-threshold lures such as "drag-and-drop to Terminal" and "ClickFix" to distribution through code-signed, Apple-notarized Swift applications, significantly improving its stealth.
Researchers found that this sample is being spread as a disk image named zk-call-messenger-installer-3.9.2-lts.dmg, disguised as an instant messaging or utility application to induce users to download it. Unlike earlier versions, the new version no longer requires any terminal operation by the user. Instead, a built-in Swift helper pulls the payload from a remote server and executes it to complete the information theft process.
This malware has been code signed and notarized by Apple, with the developer team ID being GNJLS3UYZ4, and the related hash had not been revoked by Apple at the time of analysis. This means that it has a higher "trust level" under macOS's default security mechanisms, making it easier to bypass user vigilance. Researchers also found that the DMG file is unusually large, containing decoy files related to LibreOffice PDFs, among others, to further reduce suspicion.
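The reported team ID can be checked against the signatures of installed apps. The script below is an added example, not code from the article or the researchers: it parses `codesign -dv --verbose=4` output and flags the team ID named above. The function names and the sample report are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: classify codesign reports by Developer Team ID.
BLOCKED_TEAM_IDS="GNJLS3UYZ4"   # team ID reported in the article

# Constructed sample of `codesign -dv --verbose=4` output (not from a real sample).
SAMPLE_REPORT='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.constructed
Authority=Developer ID Application: Constructed Name (GNJLS3UYZ4)
TeamIdentifier=GNJLS3UYZ4'

# Read a codesign report on stdin and print its TeamIdentifier value.
team_id_from_report() {
    awk -F= '$1 == "TeamIdentifier" { print $2; exit }'
}

# Succeed if the given team ID is on the blocklist.
is_blocked_team() {
    for blocked in $BLOCKED_TEAM_IDS; do
        [ "$1" = "$blocked" ] && return 0
    done
    return 1
}

# Read a report on stdin; print "BLOCKED <id>", "OK <id>" or "NO_TEAM_ID".
classify_report() {
    id="$(team_id_from_report)"
    if [ -z "$id" ] || [ "$id" = "not set" ]; then
        echo "NO_TEAM_ID"      # unsigned or ad-hoc signed code
    elif is_blocked_team "$id"; then
        echo "BLOCKED $id"
    else
        echo "OK $id"
    fi
}

# macOS only: classify every top-level app bundle in a directory.
scan_apps() {
    command -v codesign >/dev/null 2>&1 || { echo "codesign not found" >&2; return 2; }
    for app in "${1:-/Applications}"/*.app; do
        [ -d "$app" ] || continue
        # codesign writes its report to stderr, hence 2>&1
        printf '%s\t%s\n' "$(codesign -dv --verbose=4 "$app" 2>&1 | classify_report)" "$app"
    done
}

if [ "${1:-}" = "--scan" ]; then
    scan_apps "${2:-/Applications}"
else
    printf '%s\n' "$SAMPLE_REPORT" | classify_report   # offline demo on the sample
fi
```

Run it with `--scan [dir]` on a Mac to check installed apps. A `BLOCKED` result matches the reported signer, while `OK` only means the signer is not on this list.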
Security researchers pointed out that such information-stealing trojans often target browser data, account credentials, and cryptocurrency wallet information. As malware begins to systematically abuse Apple's signing and notarization mechanism, cryptocurrency users in the macOS environment are facing an increasing risk of phishing and private key leaks.
Users are strongly advised to ensure that threat prevention and advanced threat control are enabled in Jamf for Mac and set to blocking mode to defend against these latest variants of information-stealing malware.