< BACK TO NEWS
importantSYS.SOURCE: The Hacker News2026-07-13T23:06:12+05:30

CrashStealer macOS Malware Bypasses Gatekeeper via Notarized Dropper

CrashStealer is a macOS information stealer implemented in native C++ that bypasses Apple's Gatekeeper checks using a notarized dropper, enabling it to collect sensitive data from browsers, cryptocurrency wallets, and keychains. The malware employs AES-GCM encryption and analysis-resistant techniques like control-flow flattening to exfiltrate stolen data securely.

Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from compromised systems.

Unlike other information stealers that are built on AppleScript droppers or Objective-C-based wrappers, CrashStealer is implemented in native C++, according to Jamf Threat Labs.

"It validates the victim's login password locally before

Read original article

*** END OF TRANSMISSION ***