'CrashStealer' malware poses as an Apple tool to steal passwords & Mac data
CrashStealer, a newly documented Mac infostealer, used an Apple-notarized meeting app to reach victims before stealing passwords, browser data and cryptocurrency credentials behind a fake system prompt.CrashStealer fake password prompt
Jamf Threat Labs first spotted a suspicious sample on VirusTotal in early May and began seeing matching detections on customer Macs in early July. Further analysis traced the malware to a signed and Apple-notarized first-stage application called Werkbit, giving re