Image by Ramshid, from Unsplash
Banshee Malware Targets MacOS Users With New Stealth Features
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Check Point Research (CPR) has been tracking a dangerous version of Banshee, a malware targeting macOS users since September 2024.
In a Rush? Here are the Quick Facts!
- Banshee Stealer targets macOS, stealing browser credentials and cryptocurrency wallet data.
- The malware evades detection using Apple’s XProtect encryption in its latest version.
- Banshee spreads via phishing websites and fake GitHub repositories impersonating popular software.
Banshee is capable of stealing sensitive information such as browser credentials, cryptocurrency wallet data, and passwords, as reported in the new analysis by CPR .
According to the researchers, the malware has managed to remain undetected for over two months, thanks to a modification of Apple’s XPng’s encryption, which prevents antivirus systems from identifying it.
Banshee is typically distributed through phishing websites and fake GitHub repositories, often posing as popular software like Chrome, Telegram, or TradingView. Once installed, Banshee silently runs in the background, stealing data from browsers like Chrome, Brave, and Edge.
It also targets cryptocurrency wallet extensions and Two-Factor Authentication (2FA) credentials, sending the stolen information to remote servers, as reported by CPR.
The researchers say that a significant change in the latest version of Banshee is the removal of a feature that previously halted its operations if the Russian language was detected. This update broadens the malware’s potential victim pool, indicating an expansion of its global reach.
Despite the leak of Banshee’s source code in November 2024, which helped antivirus systems detect the malware more effectively, phishing campaigns continue to distribute it. This leak also raises concerns that other cybercriminals may develop new variants of Banshee, says CPR.
With macOS devices now used by over 100 million people worldwide, the Banshee Stealer campaign emphasizes the increasing risks to macOS users. “This new Banshee Stealer variant exposes a critical gap in Mac security,” said Ms. Ngoc Bui, a cybersecurity expert at Menlo Security, as reported by Forbes .
“While companies are increasingly adopting Apple ecosystems, the security tools haven’t kept pace. We need a multi-layered approach to security, including more trained hunters on Mac environments,” he added.
Privileged access management, once considered a nice-to-have feature, has now become a cornerstone of modern cybersecurity for business users. The Banshee Stealer threat underscores the urgency of this shift.
“By restricting access and ensuring that elevated permissions are granted only when necessary,” Scobey explained, “privileged access management significantly reduces the attack surface for threats like Banshee,” as reported by Forbes
When combined with endpoint protection and robust password management, privileged access management offers a powerful defense against such exploits.
“The time has come for businesses to shift from reactive to proactive security strategies,” Scobey emphasized, Forbes. He concluded, “Malware like Banshee thrives on gaps in vigilance and access controls. By prioritizing advanced tools, user education, and layered defenses, organizations can stay ahead in the race against evolving cyber threats.”
The malware’s sophistication proves that even operating systems traditionally seen as secure, like macOS, are vulnerable to targeted cyberattacks. Both businesses and individuals must be vigilant and adopt advanced cybersecurity measures to protect against evolving threats like Banshee.
Mastodon CEO To Transfer Ownership To A Nonprofit Organization
- Written by Andrea Miliani Former Tech News Expert
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
The decentralized social media network Mastodon announced a new plan to transfer ownership to a non-profit organization in Europe.
In a Rush? Here are the Quick Facts!
- Mastodon founder and CEO Eugen Rochko will transfer ownership, stewardship, and assets to a non-profit organization in Europe.
- The decentralized social media network will work on developing the new legal and institutional structures during the next 6 months
- Mastodon wants to keep the platform “free of the control of a single wealthy individual,” and differentiate itself from Elon Musk’s X, and Zuckerberg’s Meta.
According to the official announcement on its website, founder and CEO Eugen Rochko will hand management and assets to a new administrative structure that is yet to be announced as Mastodon’s team is still working on the best jurisdiction and legal structure in Europe.
“The next 6 months will see the transformation of the Mastodon structures, shifting away from the early days’ single-person ownership and enshrining the envisioned independence in a dedicated European not-for-profit entity,” states the document.
Rochko’s role will switch for him to focus on product strategy, in alliance with his principles of keeping the application “free of the control of a single wealthy individual.”
This strategy to avoid giving the power of a network to just one person comes right after Mark Zuckerberg ended Meta’s fact-checking program —some critics speculate that Zuckerberg’s decision may have been influenced by political considerations, including past tensions with upcoming President Trump and efforts to navigate business interests in a polarized environment.
Mastodon—founded in 2016—expects to continue developing tools where users can share and create authentic content, and differentiate itself from other business models like Elon Musk’s X and Zuckerberg’s Meta platforms. Its communications team also explained that they keep working and developing its fediverse project and invited people to join the creative team or donate to reach the operating goal of €5 million in 2025.
