NEW: FREE Web3 Resume Cheat Sheet DOWNLOAD NOW

macOS crypto wallet malware, should users really be worried?

In this post:

  • A new strain of macOS-specific malware targeting crypto wallets is causing alarm in the media.
  • A $3,000 “stealer-as-a-service,” Banshee stole crypto wallets and browser credentials. 
  • However, security experts say the threat has been exaggerated and that the average Mac user should not be concerned.

A new strain of macOS-specific malware targeting crypto wallets is causing alarm in the media. However, security analyst Patrick Wardle says the threat has been exaggerated and that the average Mac user need not worry.

Check Point researchers say a new strain of macOS malware, dubbed Banshee, dodged antivirus systems for more than two months by using encryption techniques borrowed from Apple’s security tools.

Media outlets soon swept up the story. The New York Post quoted Check Point’s findings, warning that more than 100 million could be victims, while Forbes warned of “real-and-present dangers.”

According to a decrypt report, an Apple security researcher does not agree with the alarmist tone.

The crypto macOS malware issue is exaggerated 

“There’s really nothing special about this specific sample,” Wardle said in an interview via Signal, speaking about Banshee, a “stealer-as-a-service” that reportedly stole crypto wallets and browser credentials.

The threat targeted software-based cryptocurrency wallets, so crypto users are concerned about the malware. However, Wardle thinks its ability and the extent of its impact have been overstated.

See also  Why is the crypto market down today? XRP, DOGE, and ADA lead weekly losses

The trick worked because its Apple XProtect antivirus string encryption allowed it to run undetected from late September through November 2024, bypassing security measures.

However, when its source code leaked on underground forums, the creators shut the operation down.

Wardle asks users to focus on general security best practices 

According to Wardle, the malware employed sophisticated evasion techniques but its core theft capabilities were quite basic.

He said, “XOR is the most basic type of obfuscation,” adding Apple and Banshee both use it. Therefore, “The fact that Banshee used the same approach as Apple’s is irrelevant”

Wardle also shared that the latest macOS updates have already blocked this type of malware. He said that by default, macOS makes it extremely difficult for most malware to work, so “there’s essentially no risk for the average Mac user.”

However, even as he admitted to more advanced threats like zero-day exploits, Wardle asked users to focus on general security best practices rather than specific malware. “There’s always a tradeoff between security and usability,” he said, pointing out Apple’s attempts to find balance.

The real risks could be miscommunicated. The case shows how media coverage can obscure technical details, as Wardle highlighted. “There are sophisticated malware out there […] this isn’t one of them,” he said.

See also  Russia plans mandatory crypto mining equipment registration and tax reporting

Cryptopolitan Academy: FREE Web3 Resume Cheat Sheet - Download Now

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Editor's choice

Loading Editor's Choice articles...
Subscribe to CryptoPolitan