www.infosecurity-magazine.com 7/14/2026, 12:07:45 PM · external

New macOS malware CrashStealer hijacks crash reports to steal data

New macOS malware CrashStealer hijacks crash reports to steal data
CyberSIXT Evidence Panel
Primary Source jamf.com

A new macOS malware, named CrashStealer, is identified as posing a significant security threat by using Apple's legitimate crash-reporting component to deceive users into installing it. This infostealer captures sensitive data, including login credentials and cryptocurrency wallet information, by mimicking Apple's software. The malware is delivered via a signed disk image, which allows it to bypass macOS's Gatekeeper security.

Upon installation, it prompts users with a fake authorization request to gather passwords, employing advanced methods like AES-GCM encryption to obscure its operations. Researchers from Jamf Threat Labs have alerted Apple about the distribution of this malware, emphasizing the sophistication of its delivery and encryption mechanisms.

View Primary Source Via www.infosecurity-magazine.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline