After researching Iranian cyberespionage threats, security experts Claudio Guarnieri and Collin Anderson found the malware, dubbed MacDownloader, on a website posing as U.S. aerospace firm United Technologies.
“While this [malware] is neither sophisticated nor full-featured, its sudden appearance is concerning given the popularity of Apple computers with certain community, and inaccurate perceptions about the security of those devices,” the researchers wrote in a blog post.
Designed profile the infected computers to siphon credentials from the macOS password manager, the malware mimics a similar virus targeting Windows machines which was used on the same fake site by the same attackers.
Guarnieri and Anderson believe have ties to the Flying Kitten hacking group.
