ava on Nostr: Heads up to all the macOS users out there: **The BANSHEE malware is a macOS-based ...
Heads up to all the macOS users out there:
**The BANSHEE malware is a macOS-based infostealer that targets system information, browser data, and cryptocurrency wallets.**
https://www.elastic.co/security-labs/beyond-the-wail**System info collection**
Safari cookies
Notes database
Files with the following extensions:
.txt, .docx, .rtf, .doc, .wallet, .keys, or .key from the Desktop and Documents folders.
**Browser collection**
BANSHEE collects data from 9 different browsers currently, including browser history, cookies, logins, etc:
Chrome
Firefox
Brave
Edge
Vivaldi
Yandex
Opera
OperaGX
**Wallet collection**
Exodus
Electrum
Coinomi
Guarda
Wasabi Wallet
Atomic
Ledger
Published at
2024-08-16 13:10:37Event JSON
{
"id": "c40f1f7151f833156125a68deca184dc745f719840a8890552dac281643fdfdb",
"pubkey": "4eb88310d6b4ed95c6d66a395b3d3cf559b85faec8f7691dafd405a92e055d6d",
"created_at": 1723813837,
"kind": 1,
"tags": [
[
"r",
"https://www.elastic.co/security-labs/beyond-the-wail"
],
[
"monero",
"8BuuQzCenvZA5t9Rv1XhxhJtpkmWaQsgRbN7tWd5NQ7N9NqwCbLQaknCB7JfZzbZV3asz38S4wqHWd5gwwcDadpBG92bnnx",
"1.0"
]
],
"content": "Heads up to all the macOS users out there:\n\n**The BANSHEE malware is a macOS-based infostealer that targets system information, browser data, and cryptocurrency wallets.**\n\nhttps://www.elastic.co/security-labs/beyond-the-wail\n\n**System info collection**\n\nSafari cookies \nNotes database \nFiles with the following extensions: \n.txt, .docx, .rtf, .doc, .wallet, .keys, or .key from the Desktop and Documents folders.\n\n**Browser collection**\n\nBANSHEE collects data from 9 different browsers currently, including browser history, cookies, logins, etc:\n\nChrome \nFirefox \nBrave \nEdge \nVivaldi \nYandex \nOpera \nOperaGX \n\n**Wallet collection**\n\nExodus \nElectrum \nCoinomi \nGuarda \nWasabi Wallet \nAtomic \nLedger ",
"sig": "f391c6085eaebb5d3dd94fee0f62a6b48b3cebd68b4fdf818ae74c2ad969ce660c953b60d45fd7e818c942987cc672008b6feeab1b8db847bc38b136cbd64dde"
}