The macOS ‘Banshee’ infostealer has evaded antivirus software by using an encryption algorithm it stole from Apple. Distributed primarily through Russian cybercrime marketplaces, it is designed to steal credentials from web browsers and cryptocurrency wallet extensions. The malware has been updated with an encryption algorithm that hides it from antivirus tools, leaving most of them unable to detect it. Its source code was leaked on the Russian-language cybercrime forum ‘XSS’, and the malware continues to spread through phishing sites and compromised software downloads.

Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands – csoonline.com