Summary: Cybersecurity researchers have identified the Poseidon malware, a macOS-targeting trojan that utilizes PKG files and preinstall scripts to infiltrate systems. At just 207 bytes, this malware poses a severe threat to Mac users, evading detection and stealing sensitive data. Its sophisticated techniques include anti-debugging measures and the evasion of macOS security features, making it one of the most active macOS infostealers.
Affected: Mac users
Keypoints:
- Poseidon malware operates as a trojan using PKG files for delivery, currently undetected by VirusTotal.
- The infection process often starts with users being redirected to fake websites offering malicious downloads masquerading as legitimate applications.
- The malware employs advanced evasion techniques, including custom encoding, terminal manipulation, and anti-debugging measures, to avoid detection.
- It accounts for 70% of macOS infostealer detections in late 2024 and targets sensitive user data and system files.
- Users are urged to use caution with unverified downloads and to implement strong security measures.
Source: https://gbhackers.com/poseidon-mac-malware-hiding-within-pkg-files/