PasivRobber Malware Emerges, Targeting macOS to Steal Data From Systems and Apps

Summary: A new sophisticated malware suite named “PasivRobber” targeting macOS was discovered on March 13, 2025, designed to steal sensitive data from popular applications, particularly among Chinese users. It employs deceptive installation techniques and exhibits a multi-layered structure with advanced capabilities to extract information from various sources. Evidence suggests its origin may be linked to a company involved with the Chinese Military-Industrial Complex.

Affected: macOS users, specifically those utilizing applications like WeChat and QQ.

Keypoints :

• PasivRobber is a multi-component malware suite with sophisticated techniques for data theft.
• The initial installer is signed with a Developer ID leading back to a company linked to the Chinese military.
• It employs complex binaries for various malicious operations, disguises its components, and includes 28 plugins for targeted data extraction.