A new variant of the Banshee stealer malware took a page out of Apple’s book and used the same encryption methods as macOS’s XProtect antivirus detection suite to avoid detection. This made the malware almost invisible to antivirus programs, which mistook it for Apple’s legitimate security tools. The malware went undetected for over two months and was mainly distributed through phishing websites and malicious GitHub repositories targeting both Windows and macOS users.
Banshee macOS stealer supports new evasion mechanisms
A new version of the Banshee macOS (operating system) information-stealing malware has emerged with enhanced evasion capabilities. Discovered by Check Point researchers, the malware is