A variant of the Banshee macOS infostealer was seen evading detection with new string encryption copied from Apple's in-house algorithm.
A Check Point analysis, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software such as Google Chrome, Telegram, and TradingView.
Cybersecurity expert at Menlo Security, Ngoc Bui, said the new variant highlights a significant gap in Mac security. "While companies are increasingly adopting Apple ecosystems, the security tools haven't kept pace," he said. "Even leading EDR solutions have limitations on Macs, leaving organizations with significant blind spots. We need a multi-layered approach to security, including more trained hunters on Mac environments."