A variant of the Banshee macOS infostealer appeared to copy systems to find new encryption keys copied from Apple’s internal algorithm.
Check Point Research, which caught the exception after two months of successful evasion, says that threat actors are distributing Banshee using phishing websites and fake GitHub repositories, often mimicking popular software like Google Chrome, Telegram, and TradingView.
Cybersecurity expert at Menlo Security, Ngoc Bui, said the exception highlights a major gap in Mac security. “While companies are increasingly adopting the Apple ecosystem, security tools are not keeping pace,” he said. “Even the best EDR solutions have limitations on Macs, leaving organizations with significant blind spots. We need a multi-layered approach to security, including highly trained hunters in Mac environments.”
Source link