Guardz, a cybersecurity company, has recently announced the detection of a new malicious code specifically designed for stealing confidential data on MacOS. The code, known as “Shadowwault,” is capable of intercepting user names, passwords, credit card information, cryptocurrency wallet data, and more.
Guardz became aware of Shadowwault through the discovery of a message on the XSS forum in a dark network. The code was being offered for rent at a price of $500 per month. This development is part of a growing trend known as malicious code as a service (MAAS) targeting MacOS. Previously, in April, the Cyblerch and Intelligence Labs laboratory discovered Amos, and in March, Uptycs found Macstealer, both of which were also available to attackers for a fee.
The CVE.Report database, which monitors vulnerabilities and leaks, does not currently have any records about Shadowwault. Apple has not made any official comments regarding this malicious code. Interestingly, Apple released an emergency update for MacOS 13.4.1 on Monday, as well as for iOS 16.5.1 and iPados 16.5.1. However, the update was recalled after multiple reports of a conflict with web applications. It is worth noting that the vulnerability addressed in the update does not appear to be related to Shadowwault.
How to Protect Yourself from Malicious Programs
Apple provides protection mechanisms in MacOS and regularly releases security patches through operating system updates. It is crucial to install these updates as soon as they become available. In cases where an update is recalled, like with MacOS 13.4.1 (A), Apple will re-release it once the issues have been properly fixed.
When downloading software, it is important to obtain it from reliable sources such as the App Store, which verifies the safety of the software, or directly from the developer.