
A new malware threat to macOS adds to the data-stealing surge

Mac password prompt.
Cado Security

If you still think Macs are inherently safe from malware, think again.

Mac users have another threat to worry about. Cthulhu Stealer, a new Mac malware threat, tries to steal sensitive data such as passwords and cryptocurrency wallets, Cado Security reports in a blog post. The malware threat disguises itself as authentic software to gather login credentials.


Cado Security describes how the malware functions: “Cthulhu Stealer is an Apple disk image (.dmg) that is bundled with two binaries, depending on the architecture. The malware is written in Golang and disguises itself as legitimate software. Once the user mounts the .dmg, the user is prompted to open the software. After opening the file, osascript, the macOS command-line tool for running AppleScript and JavaScript, is used to prompt the user for their password.”

After this, users will see a second prompt to enter their MetaMask password. Cuckoo, Atomic Stealer, and Banshee Stealer also use this technique. However, the latest malware threat also aims to gather system data and dump users’ iCloud Keychain passwords using a tool named Chainbreaker.

Users must be cautious, as the new malware is delivered as Apple disk images (DMG) that masquerade as software such as AdobeGenP, CleanMyMac, and Grand Theft Auto IV. You can use the AdobeGenP app without entering a serial key or paying for a Creative Cloud subscription.

Cthulhu Stealer takes data, including Telegram account information and web browser cookies, puts it into a ZIP archive file, and sends it to a command-and-control (C2) server — in other words, to the attackers. It also shares similarities with Atomic Stealer, having the same spelling mistakes and other functions and features, which indicates the developer used the same code and made some modifications.

Users can take precautions to stay safe, such as only downloading software from trustworthy sources and keeping their Macs running on the latest version. Downloading some legitimate Mac antivirus software isn’t a bad idea, either.
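For defenders, the osascript password prompt described above is visible in process telemetry. The following is an added example (not code from Cado Security or this article) that scans constructed process events for osascript showing a masked-input dialog and raises the severity when the parent binary runs from a mounted disk image under /Volumes/; the JSON field names, the sample events, and the assumption that the prompt uses AppleScript's `display dialog` with `hidden answer` are not from the article.

```python
import json
import posixpath
import re

# Constructed process-execution events (not taken from the Cado report).
# Field names are hypothetical; map them to your EDR's export schema.
SAMPLE_EVENTS = r"""
{"pid": 501, "image": "/usr/bin/osascript", "parent_image": "/Volumes/Setup/Setup.app/Contents/MacOS/Setup", "cmdline": "osascript -e display dialog \"Enter your password\" default answer \"\" with hidden answer"}
{"pid": 612, "image": "/usr/bin/osascript", "parent_image": "/Applications/Notes Helper.app/Contents/MacOS/helper", "cmdline": "osascript -e display dialog \"Export finished\""}
{"pid": 733, "image": "/usr/bin/osascript", "parent_image": "/Applications/Admin Tool.app/Contents/MacOS/tool", "cmdline": "osascript -e display dialog \"Admin password\" default answer \"\" with hidden answer"}
{"pid": 820, "image": "/bin/zsh", "parent_image": "/sbin/launchd", "cmdline": "zsh -c ls"}
{"pid": 901, "image": "/usr/bin/osascript", "cmdline": "osascript -e disp
"""

# AppleScript dialog that masks typed input, i.e. a password-style prompt.
HIDDEN_PROMPT = re.compile(r"display\s+dialog\b.*\bhidden\s+answer\b", re.I | re.S)


def classify(event):
    """Return None, 'review' or 'high' for a single process event."""
    if posixpath.basename(event.get("image", "")) != "osascript":
        return None
    if not HIDDEN_PROMPT.search(event.get("cmdline", "")):
        return None
    # Parent still running from a mounted .dmg matches the chain in the article;
    # installed apps and admin tooling also use such dialogs, so those get 'review'.
    parent = event.get("parent_image", "")
    return "high" if parent.startswith("/Volumes/") else "review"


def scan(lines):
    """Parse JSON-lines telemetry and return (pid, severity) for each hit."""
    findings = []
    for line in lines.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or non-JSON line: skip, do not abort the scan
        severity = classify(event) if isinstance(event, dict) else None
        if severity:
            findings.append((event.get("pid"), severity))
    return findings


if __name__ == "__main__":
    for pid, severity in scan(SAMPLE_EVENTS):
        print(pid, severity)
```

This only sees script text passed on the command line; osascript can also read a script from a file or standard input, so pair it with monitoring of unsigned or un-notarized binaries launched from mounted disk images.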

Apple is aware of the rise in Mac malware and has made essential security changes, saying, “In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn’t signed correctly or notarized.” You’ll need to go to System Settings > Privacy & Security to analyze the security information for the software before you use it.

Judy Sanhz
Computing Writer
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.