BlockBeats News, April 22: According to PeckShield monitoring, a highly destructive piece of malware called "MacSync Stealer" (v1.1.2) is currently active.
The malware targets macOS users and steals sensitive data, including encrypted wallets, browser credentials, the system keychain, and infrastructure keys (SSH/AWS/K8s). It phishes the user with a forged AppleScript system dialog and, after the data has been stolen, displays a fake "unsupported" error message. PeckShield has promptly shared this IOC (Indicator of Compromise) with its customers.
PeckShield reminds users not to run unverified macOS scripts and to remain highly vigilant about unexpected system password prompts. If an attack is suspected, remedial action should be taken immediately: change all infrastructure credentials (SSH/AWS/K8s), invalidate exposed keychains, and promptly migrate encrypted assets to a secure wallet.
