Although Windows users are historically more likely to be targeted by cyber attackers, and when it comes to Apple most of the security-related stories we read tend to involve the iPhone one way or another, new research suggests that 100 million macOS users are firmly in the crosshairs as cybercriminals look to exploit the growing popularity of the operating system. Here’s what you need to know about the newly discovered Banshee Stealer threat variant.
What 100 Million Apple Users Need To Know About Banshee Stealer
A new variant of the macOS Banshee Stealer threat, capable of hacking browser credentials, cryptocurrency wallets and other sensitive data, has been monitored by security researchers since late last year. Now those threat intelligence experts at Check Point Research have published a new report warning 100 million users of the real-and-present dangers this nasty hack attack campaign poses.
I’m a relatively recent convert to the world of macOS, having bought into the MacBook Pro a couple of years ago in no small part due to the security protections that the Apple ecosystem brings. I’m not blind to the fact that this doesn’t mean anyone using macOS is somehow immune to attack, that simply isn’t the case. The Banshee Stealer is proof enough if anyone were doubtful that such stealer-as-a-service threats apply to Apple users as much as anyone else.
“For $3,000,” Check Point researchers said, “threat actors could purchase this malware to target macOS users,” with the criminal developers having “stolen a string encryption algorithm from Apple’s own XProtect antivirus engine, which replaced the plain text strings used in the original version.” This likely made it easier for Banshee to avoid detection. However, when the source code to the malware was leaked on the dark web late in 2024, the service was shut down. Check Point said at the time it would lead to new variants, developed by other threat actors, emerging; it has been proved right.
The Check Point report into the newly evolved Banshee Stealer campaign warned that businesses “must recognize the broader risks posed by modern malware,” including the potential for costly data breaches that the compromise of sensitive information and reputational damage brings.
Security Experts Speak Out About The Latest Banshee Apple macOS Attacks
The return of Banshee Stealer malware, with its improved antivirus detection capabilities, represents a significant risk for organizations using macOS devices, according to Eric Schwake, director of cybersecurity strategy at Salt Security. “Despite the common belief that Macs offer greater security,” Schwake said, “this incident emphasizes that organizations must adopt strong security measures across all devices, independent of their operating systems.” Only by adopting a proactive stance on macOS security can organizations “lessen the risk from evolving threats like Banshee Stealer and safeguard their essential data and resources,” Schwake said. Such a proactive stance entails implementing endpoint security solutions, enforcing strict password policies, educating staff about phishing and malware risks, and ensuring all software is regularly updated with the latest security patches, Schwake concluded.