Cybersecurity researchers have discovered an information-stealing malware targeting macOS users. This malware, referred to as Banshee Stealer, is considered a stealthier update to previous versions of the malware. Researchers discovered the updated version in September 2024, in which the malware was distributed via phishing websites and false GitHub repositories. 

Banshee Stealer was initially discovered in August 2024 as a a malware-as-a-service (MaaS) model able to harvest data from web browsers, files matching certain extensions, and cryptocurrency wallets. 

Security leaders weigh in

Ms. Ngoc Bui, Cybersecurity Expert at Menlo Security:

This new Banshee Stealer variant exposes a critical gap in Mac security. While companies are increasingly adopting Apple ecosystems, the security tools haven’t kept pace. Even leading EDR solutions have limitations on Macs, leaving organizations with significant blind spots. We need a multi-layered approach to security, including more trained hunters on Mac environments.

James Scobey, Chief Information Security Officer at Keeper Security: 

Banshee Stealer is a clear indicator of the evolving threats targeting macOS systems, which are traditionally viewed as more secure than their PC counterparts, and less susceptible to malware and viruses. As attackers refine their techniques, including leveraging encryption methods inspired by native security tools, it’s evident that businesses can no longer rely on legacy assumptions about platform security. Sophisticated malware like Banshee Stealer can bypass traditional defenses, capitalizing on stolen credentials and user errors.

Privileged Access Management (PAM) is no longer a ‘nice-to-have’ — it’s an essential pillar of modern cybersecurity. By restricting access and ensuring that elevated permissions are granted only when necessary, PAM significantly reduces the attack surface for threats like Banshee. Combined with endpoint protection and robust password management, it creates a formidable barrier against such exploits. The time has come for businesses to shift from reactive to proactive security strategies. Malware like Banshee thrives on gaps in vigilance and access controls. By prioritizing advanced tools, user education and layered defenses, organizations can stay ahead in the race against evolving cyber threats.

Eric Schwake, Director of Cybersecurity Strategy at Salt Security:

The return of Banshee Stealer malware, which has improved its capability to evade antivirus software and steal confidential data, represents a significant risk for organizations using macOS devices. This malware is designed to attack browsers, cryptocurrency wallets, and user files, reflecting the rising sophistication of threats to macOS users. Despite the common belief that Macs offer greater security, this incident emphasizes that organizations must adopt strong security measures across all devices, independent of their operating systems. This entails implementing endpoint security solutions, enforcing strict password policies, educating staff about phishing and malware risks, and ensuring all software is regularly updated with the latest security patches. By adopting a proactive stance on macOS security, organizations can lessen the risk from evolving threats like Banshee Stealer and safeguard their essential data and resources.