CrashStealer Malware Poses as Apple Crash Reporter to Steal Mac Credentials | TekBrief
TekBrief
All Stories AI News & Media Security Tech
Security

CrashStealer Malware Poses as Apple Crash Reporter to Steal Mac Credentials

Executive Briefing

  • Targets Mac users by mimicking Apple's CrashReporter app with authentic-looking icons and metadata
  • Tricks users into entering system passwords via fake macOS authorization prompts, validating credentials locally
  • Steals Keychain data, browser credentials, files, 14 password managers, and 80 crypto wallet extensions
  • Delivers payload through a fake meeting platform site called Werkbit using a signed Apple notarized dropper
  • Reminder: legitimate Apple crash reports never require password authentication from users