KEYSTEAL Trojan

KEYSTEAL is a Mac Trojan designed to collect sensitive information from the macOS Keychain. Compromise of the information stored in the Keychain could have serious consequences for the victim.

To infiltrate the user's Mac, KEYSTEAL is disguised as the ResignTool application. The weaponized application not only carries the same icon and name as the legitimate one but is itself a maliciously modified version of ResignTool. The original application allows iOS users to change the signing information of IPA archive files. However, it is not available on the official App Store and is distributed only via third-party file-sharing platforms, a fact that cybercriminals have taken full advantage of.

Once it has infiltrated the victim's Mac, KEYSTEAL accesses the macOS Keychain password management system and extracts a variety of confidential information. The collected data may include account usernames and passwords, private keys, secure notes, digital certificates and more. The threat will also use social-engineering tactics to get users to reveal their account passwords. To mask its suspicious activity, KEYSTEAL runs the legitimate ResignTool functionality after it has finished siphoning out the targeted data.
