A new infostealer malware has emerged for Apple macOS devices named ShadowVault. The tool is being advertised on underground cybercrime forums. It can extract and exfiltrate browser passwords, Telegram data, cryptocurrency wallet keys, and Apple keychains.
Infostealer malware has existed for years on Windows and Linux operating systems, but Apple devices have long been able to avoid the brunt of malware threats. That isn’t because Apple devices are inherently more secure; it is simply a numbers game as attackers and malware authors simply want to attack devices with the largest footprint.
ShadowVault was first detected on a notorious dark web forum XSS, and has been built to specifically steal sensitive data from macOS devices.
Guardz states that it maintains anonymous avatars on popular dark web forums to track emerging cyber threats.
While Apple devices are largely less prone to malware and viruses as other operating systems, ShadowVault is a reminder that any device is hackable and no operating system is immune to malware.
