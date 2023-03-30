MacStealer was discovered by the security team at Uptycs, a company specializing in cybersecurity solutions. According to the Uptycs report, MacStealer is a malicious program that uses Telegram as a command and control (C2) platform to steal data.

It can hijack passwords, cookies and credit card data from different browsers like Firefox, Google Chrome and Brave. In addition, it can extract various types of files, including txt, doc, jpg and zip. The virus can also access Keychain, the macOS protected area where user account passwords are stored.

MacStealer primarily affects macOS versions Catalina and later on M1 and M2 CPUs. The malicious file was announced on hacker forums in early March 2023 and has been receiving improvements from its creators, who have developed ways for the virus to also collect passwords and Safari cookies and notes.