MacOS Browser Extensions at Risk from Banshee Stealer

MacOS Browser Extensions at Risk from Banshee Stealer

Web browser extensions targeted by Banshee Stealer on macOS



Security researchers have discovered a new malware for macOSwhich can attack over 100 browser extensions installed on the target Mac.

Apple is committed to making macOS and its other operating systems as secure as possible. While it does what it can to protect us from third-party malware threats, browser extensions are always a weak point.

Explained by Elastic Security Labs on Thursday, a malware called Banshee Stealer does not directly attack macOS itself, but third-party software installed on it, reports Hacker NewsThis includes a wide range of browsers, including Chrome, Firefox, Brave, Edge, Vivaldi, Opera, and others.

It also targets cryptocurrency wallets and over 100 browser extensions installed on those browsers, making it a “highly versatile and dangerous threat,” according to Elastic Security Labs.

The primary task of the malware is to collect and steal data, and so it also has the ability to harvest information about the system itself, along with passwords from the Keychain. Data can also be retrieved from various file types that are stored on the desktop and document folders.

It also has capabilities to try to avoid being detected in the first place. It can detect if it is running in a virtual environment and also uses an API to prevent infection Macs when Russian is the primary language.

During installation, the malware uses a script to make the user enter a false password. In this way, the malware tries to elevate its rights.

“As macOS becomes an increasingly popular target for cybercriminals, Banshee Stealer highlights the growing popularity of macOS-specific malware,” the researchers said.

It is unclear how widely the malware has been used, but it appears to be seen as a high-end tool for cybercriminals by its creator. In a screenshot from a forum, a vendor of the tool has set the price for access to the tool at $3,000 per month.

For macOS users, there are no specific instructions to help with this particular attack vector, other than good computer hygiene. Ensuring that you know downloads come from legitimate sources, being wary of unexpected email attachments, and thinking more carefully about installations will go a long way for many users.