'Stealers' Are an Increasingly Common Mac Malware

by

macOS stealers are becoming an increasingly common type of malware on the Mac, according to the 2025 State of Malware report that Malwarebytes shared this week.

macos stealer market share
Most Mac malware has historically been VSearch adware or the Genieo browser hijacker, but more malicious malware is on the rise, and 2024 saw a new wave of information stealing malware hit the Mac.

Stealers are designed to locate credit card information, authentication cookies, cryptocurrency, passwords, and other valuable data that criminals can use to make money.

Malicious apps that steal information are typically installed when a Mac user searches for a legitimate software product and then uses a malicious Google or Bing search ad to download an infested replica version of the software they sought. Attackers are able to deliver targeted ads for malicious software based on location, operating system, software, and search terms.

Atomic Stealer (AMOS), an information stealer that surfaced in 2023, is used regularly, and a version of AMOS referred to as Poseidon has becoming increasingly popular with criminals. Poseidon is advertised as being able to steal cryptocurrency from more than 160 wallets as well as passwords from web browsers and select password managers. Poseidon downloads have masqueraded as legitimate Mac apps like the Arc Browser, tricking unsuspecting Mac users into installing the malware.

Malwarebytes warns that macOS stealers like Poseidon allow criminals to access sensitive resources, steal credentials, and create convincing social engineering attacks.

To avoid this kind of attack, it is important to verify where software is being downloaded from, ensuring that it comes from a legitimate developer and not an imitation website.

Tags: Malware, Malwarebytes

Popular Stories

2024 iPhone Boxes Feature

Apple Adjusts Trade-In Values for iPhones, iPads, Macs, and More

Thursday November 6, 2025 11:12 am PST by
Apple today updated its trade-in values for select iPhone, iPad, Mac, and Apple Watch models. Trade-ins can be completed on Apple's website, or at an Apple Store. The charts below provide an overview of Apple's current and previous trade-in values in the U.S., according to its website. Maximum values for most devices either decreased or saw no change, but the iPad Air received a slight bump. ...
Read Full Article73 comments
Liquid Glass General Feature

Apple Shares Liquid Glass Design Gallery

Thursday November 6, 2025 2:45 pm PST by
Apple is promoting the new Liquid Glass design in iOS 26, showing off the ways that third-party developers are embracing the aesthetic in their apps. On its developer website, Apple is featuring a visual gallery that demonstrates how "teams of all sizes" are creating Liquid Glass experiences. The gallery features examples of Liquid Glass in apps for iPhone, iPad, Apple Watch, and Mac. Apple...
Read Full Article119 comments
airtag purple

Apple's Website Lists AirTag 4-Pack at Shockingly Low Price [Updated]

Friday November 7, 2025 6:40 am PST by
Apple's online store in the U.S. is suddenly offering a pack of four AirTags for just $29, which is the same price as a single AirTag. This is likely a pricing error, and it is unclear if orders will be fulfilled. Apple has not discounted the AirTag four-pack in any other countries that we checked. Delivery estimates are already pushing into late November to early December, suggesting...
Read Full Article101 comments
Early Black Friday Deals 1

The Best Early Black Friday Apple Deals on AirPods, Apple Watch, iPad, and More

Saturday November 8, 2025 6:16 am PST by
We're officially in the month of Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When ...
Read Full Article5 comments
iOS 26

iOS 26.1 Available Now With These 8 New Features

Monday November 3, 2025 5:54 am PST by
Following more than a month of beta testing, Apple released iOS 26.1 on Monday, November 3. The update includes a handful of new features and changes, including the ability to adjust the look of Liquid Glass and more. Below, we outline iOS 26.1's key new features. Liquid Glass Toggle iOS 26.1 lets you choose your preferred look for Liquid Glass. In the Settings app, under Display...
Read Full Article
ikea smart home devices

IKEA Debuts 21 HomeKit-Compatible Smart Bulbs, Sensors, and Controls

Thursday November 6, 2025 4:08 pm PST by
IKEA today announced the upcoming launch of 21 new Matter-compatible smart home products that will be able to interface with HomeKit and the Apple Home app. There are sensors, lights, and control options, all of which will be reasonably priced. Some of the products are new, while some are updates to existing lines that IKEA previously offered. There are a series of new smart bulbs that are...
Read Full Article77 comments
Apple fitness plus feature

Future of Apple Fitness+ 'Under Review'

Sunday November 9, 2025 5:30 am PST by
The future of Apple Fitness+ is "under review" amid a reorganization of the service, according to Bloomberg's Mark Gurman. In the latest edition of his "Power On" newsletter, Gurman said that Apple Fitness+ remains one of the company's "weakest digital offerings." The service apparently suffers from high churn and little revenue. Nevertheless, Fitness+ has a small, loyal fanbase that...
Read Full Article207 comments
All Screen iPhone 2027 Feature 1

Apple to Hide Selfie Camera Under Display of 20th Anniversary iPhone

Monday November 10, 2025 1:55 am PST by
Apple will conceal the front-facing camera under the screen of its 2027 iPhone, a Chinese leaker said today, corroborating reports that Apple's 20th anniversary iPhone will have no visible cutouts in the display. Weibo-based account Digital Chat Station said Apple's development of under-screen camera technology was progressing as planned for adoption in 2027, one year after it will...
Read Full Article37 comments
maxresdefault

In-Depth iPhone Battery Experiment Pits Slow Charging Against Fast Charging

Friday November 7, 2025 1:19 pm PST by
HTX Studio this week shared the results from a six-month battery test that compared how fast charging and slow charging can affect battery life over time. Using six iPhone 12 models, the channel set up a system to drain the batteries from five percent and charge them to 100 percent over and over again. Three were fast charged, and three were slow charged. Another set of iPhones underwent...
Read Full Article173 comments

Top Rated Comments

Pakaku Avatar
Pakaku
10 months ago

Malicious apps that steal information are typically installed when a Mac user searches for a legitimate software product and then uses a malicious Google or Bing search ad to download an infested replica version of the software they sought. Attackers are able to deliver targeted ads for malicious software based on location, operating system, software, and search terms.
So... just more reasons to use an adblocker. Especially if ad providers aren't going to be responsible about what they show, which has been a problem for far longer.
Score: 21 Votes (Like | Disagree)
Arislan Avatar
Arislan
10 months ago
So still a social engineered lack of knowledge attack. Got it.
Score: 13 Votes (Like | Disagree)
icanhazmac Avatar
icanhazmac
10 months ago

are typically installed when a Mac user searches for a legitimate software product and then uses a malicious Google or Bing search ad to download an infested replica version of the software they sought
Ain't "side loading" grand?
Score: 12 Votes (Like | Disagree)
JitteryJimmy Avatar
JitteryJimmy
10 months ago

This *just* happened to my mom. <facepalm>
My mom doesn’t get admin rights.
Score: 11 Votes (Like | Disagree)
jimscard Avatar
jimscard
10 months ago

This is why non-nerds should replace their devices when they cease receiving OS version or security updates.

If you're on a Mac that cannot run 2022 macOS 13 Ventura or newer then replace it with any Mac with Apple Silicon.

In 2025 Intel Macs are only suitable for export to poor countries where data security is as valuable as their bank accounts.
Don’t disagree with the first point - non-nerds should definitely replace devices when they cease receiving security updates.

But in 2025, many Intel Macs are still as secure as ever - they still receive OS version and security updates, etc.
Score: 10 Votes (Like | Disagree)
fathergll Avatar
fathergll
10 months ago

Macs dont get virus
Correct.

Source; Apple


Score: 9 Votes (Like | Disagree)
Read All Comments