Summary: A new variant of the Banshee info-stealing malware for macOS has been evading detection by utilizing string encryption techniques similar to those used by Apple’s XProtect. This malware, which targets sensitive data from macOS users, has continued to spread through deceptive methods despite the original operation being shut down after its source code was leaked.
Threat Actor: Cybercriminals | Banshee
Victim: macOS users
Key Points:
- Banshee malware employs string encryption to evade detection by standard security measures.
- The malware primarily targets sensitive data from popular web browsers and macOS passwords.
- Distribution occurs through deceptive GitHub repositories and phishing campaigns.
- It has shifted its focus to avoid detection on systems belonging to Russian users.