Windows users have historically been more likely to be targeted by cyber attackers, and most of the Apple security stories we read tend to involve the iPhone one way or another. New research, however, suggests that 100 million macOS users are firmly in the crosshairs as cybercriminals look to exploit the growing popularity of the operating system. Here’s what you need to know about the newly discovered Banshee Stealer threat variant.
What 100 Million Apple Users Need To Know About Banshee Stealer
A new variant of the macOS Banshee Stealer threat, capable of stealing browser credentials, cryptocurrency wallets and other sensitive data, has been monitored by security researchers since late last year. Now threat intelligence experts at Check Point Research have published a new report warning 100 million users of the real and present dangers this nasty attack campaign poses.
I’m a relatively recent convert to the world of macOS, having bought into the MacBook Pro a couple of years ago in no small part due to the security protections that the Apple ecosystem brings. I’m not blind to the fact that this doesn’t mean anyone using macOS is somehow immune to attack; that simply isn’t the case. The Banshee Stealer is proof enough, if anyone were doubtful, that such stealer-as-a-service threats apply to Apple users as much as anyone else.
“For $3,000,” Check Point researchers said, “threat actors could purchase this malware to target macOS users,” with the criminal developers having “stolen a string encryption algorithm from Apple’s own XProtect antivirus engine, which replaced the plain text strings used in the original version.” This likely made it easier for Banshee to avoid detection. However, when the source code to the malware was leaked on the dark web late in 2024, the service was shut down. Check Point said at the time that the leak would lead to new variants emerging, developed by other threat actors; it has been proved right.
Apple macOS Users Must Pay Attention—Or Suffer The Security Consequences
While conceding that Apple does a good job at including robust security protections for macOS users, such as Gatekeeper, XProtect, and sandboxing, the Check Point researchers have warned that the rebirth and rise of Banshee Stealer “serves as a reminder that no operating system is immune to threats.” The macOS users who ignore this warning do so at their own peril.
That’s because Banshee operates undetected and blends seamlessly with perfectly normal system processes, yet all the while it is stealing browser credentials, cryptocurrency wallets, user passwords, and sensitive file data. “Even seasoned IT professionals struggle to identify its presence,” the Check Point report warned. “Banshee stealer isn’t just another piece of malware—it’s a critical warning for users to reassess their security assumptions and take proactive measures to safeguard their data.”
The latest Banshee variant targets web browsers, including Chrome, Brave, Edge, and Vivaldi, along with browser extensions for cryptocurrency wallets. “It also exploits a Two-Factor Authentication extension to capture sensitive credentials,” the report said, adding that it “utilizes convincing pop-ups designed to look like legitimate system prompts to trick users into entering their macOS passwords.”
I have reached out to Apple for a statement.