"Sophisticated macOS Infostealers Get Past Apple's Built-In Detection"

As attackers gain more knowledge about how to crack static signature-detection engines, increasingly sophisticated infostealers are targeting macOS with the ability to evade Apple's built-in malware protection. According to SentinelOne researchers, three active infostealers named KeySteal, Atomic Infostealer, and CherryPie can bypass various detection engines, with variants of the first two evading XProtect. XProtect is the macOS built-in antivirus (AV) technology that scans downloaded files and apps for known malware signatures and removes any infected files. SentinelOne pointed out the significant increase in information-stealing malware targeting the macOS platform. This article continues to discuss the emerging malware variants evading various static-signature detection engines, including XProtect.

Dark Reading reports "Sophisticated macOS Infostealers Get Past Apple's Built-In Detection"

Submitted by grigby1
