A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system’s Gatekeeper, Malwarebytes researchers have discovered. The malware is an information stealer and can grab passwords from browsers, Apple’s keychain, files, crypto wallets, and more. In the latest delivery campaign, spotted by a Malwarebytes researcher, the malware poses as TradingView, an app for tracking financial markets. Potential victims are redirected by a malicious ad to a phishing site that mimics the legitimate platform’s page. The page has three download buttons, and the macOS one downloads Atomic Stealer from a third-party site. The process for opening the download is designed to bypass Gatekeeper, the macOS security feature that enforces code signing and verifies downloaded applications.
Read more: https://www.helpnetsecurity.com/2023/09/07/macos-malware-bypass-gatekeeper/