New MacSync Stealer Disguised as Trusted Mac App Hunts Saved Passwords

Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords.

For years, Mac users have felt a sense of security thanks to Apple’s strict notarization process, a system that ensures an app’s safety. However, a new report from Apple device security experts at Jamf Threat Labs shows that hackers are finding ways to get that official seal of approval for their own malicious tools.

Researchers were able to identify this trick while tracking a software called MacSync Stealer. In the past, attackers relied on “clunky” tricks like drag-to-terminal or ClickFix, which forced users to manually drag files into the Mac’s Terminal or paste coded commands to trigger an infection. The version discovered now is much more dangerous because it removes these manual steps entirely.

Bypassing the Digital Guard

This ...