New Russian threat targets over 100 Apple macOS browser extensions

Protect your macOS: Steps to safeguard against browser extension threats

Apple Macs are considered comparatively safer than Windows. This remains true, as in the past few months, we’ve noticed numerous malware and vulnerabilities affecting Windows laptops. However, a stealer malware has shown that Macs yet again aren’t completely immune to cyberattacks.

The malware, called Banshee, targets the extensions installed on your Mac in order to gain illegal access to your passwords, cryptocurrency and personal data. It affects a wide range of browsers, including Chrome and Safari.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

A woman working on her Mac laptop (Kurt "CyberGuy" Knutsson)

What you need to know

Researchers at Elastic Security Labs found that Banshee, a malware developed by Russian hackers, works on macOS x86_64 and ARM64 systems. The malware is being sold as a service to other bad actors for just $3,000, which the researchers think is pretty cheap compared to other malware available on the dark web to criminals. Yes, believe it or not, there’s a whole market for this stuff.

Apple has a tight infrastructure that prevents bad actors from targeting its devices, but hackers always find loopholes. In this case, it’s the browser extensions you install, whether it’s an ad blocker or an Amazon price tracker.

Targeted browsers and extensions

"Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser extensions, making it a highly versatile and dangerous threat," Elastic Security Labs said. The malware targets several web browsers and crypto wallets, including Safari, Google Chrome, Mozilla Firefox, Brave, Microsoft Edge, Vivaldi, Yandex, Opera, OperaGX, Exodus, Electrum, Coinomi, Guarda, Wasabi Wallet, Atomic and Ledger.

Data theft capabilities

Once the malware gets into your Mac, it starts stealing your data. It can grab information about the system and passwords from the Keychain. It also pulls data from different file types stored on your desktop and in your documents. Plus, it’s got tricks to avoid detection, like figuring out if it’s in a virtual environment and using an API to steer clear of Macs where Russian is the primary language.

Illustration of a hacker working on a laptop (Kurt "CyberGuy" Knutsson)

4.3 MILLION AMERICANS EXPOSED IN MASSIVE HEALTH SAVINGS ACCOUNT DATA BREACH

How does the malware infect your computer?

The report from Elastic Security Labs didn’t go into detail about how the Banshee malware actually infects your computer. But it’s likely using the same tactics we’ve seen other Mac and Windows malware use before.

This usually involves sneaky methods like displaying fake pop-ups that mimic legitimate apps or services. Hackers often create a sense of urgency, pushing you to click on a link to "install an update" or "fix an issue" right away. Of course, instead of an update, that link installs the malware on your system.

It’s also unclear how widespread this malware is, which regions it’s targeting or the extent of the damage it’s caused so far. We reached out to Apple for a comment on this article but did not hear back before our deadline.

A woman working on her laptop (Kurt "CyberGuy" Knutsson)

MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC

4 ways to protect yourself from the Mac malware

While there’s no exact solution to prevent the Banshee malware, the following computer practices can help keep your Mac secure.

1) Limit and manage browser extensions: Be selective about the browser extensions you install. Only add extensions from well-known developers and those you truly need. Regularly review and manage your extensions to ensure they haven’t been compromised or are no longer necessary. Extensions with excessive permissions or that request access to sensitive data should be removed. Check out our top browser extensions to make life easier.

2) Be cautious with downloads and links: Only download software from reputable sources such as the Mac App Store or official websites of trusted developers. Be wary of unsolicited emails or messages prompting you to download or install updates, especially if they contain links. Phishing attempts often disguise themselves as legitimate update notifications or urgent messages.

The best way to protect yourself from clicking malicious links that install malware is to have strong antivirus protection installed on all your devices. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

3) Keep your software updated: Ensure that both macOS and all installed applications are up to date. Apple frequently releases security patches and updates that address vulnerabilities. Enable automatic updates for macOS and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on keeping all your devices updated.

4) Use strong and unique passwords: To protect your Mac from malware, it’s also crucial to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A password manager can be incredibly helpful here: It generates and stores complex passwords for you, making them difficult for hackers to crack.

It also keeps track of all your passwords in one place and automatically fills them in when you log into accounts, so you don’t have to remember them yourself. By reducing the number of passwords you need to recall, you’re less likely to reuse them, which lowers the risk of security breaches. Get more details about my best expert-reviewed password managers of 2024 here.

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET 

Kurt’s key takeaways

Macs, whether you’re using a MacBook or an iMac, are generally pretty secure, but they’re not completely foolproof. One weak spot has always been extensions, and that’s where the Banshee malware comes in. It exploits these vulnerabilities to swipe your important data and money. There aren’t any specific steps to deal with this exact threat, but sticking to good computing habits can help a lot. Make sure your downloads are from trusted sources, be cautious with unexpected email attachments and think carefully before installing anything.

What steps do you take to verify that downloads and extensions are from legitimate sources? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.

Load more..