Cybersecurity firm Guardz has confirmed the existence of a new infostealer program on the dark web. Known as ShadowVault, the malicious entity is available to hire for $500 a month.
The data theft program targets macOS devices and is capable of extracting passwords, credit card details, cookies, and all Chromium and Firefox browser information.
ShadowVault was originally detected in June by the Israel-based cybersecurity company, which briefly mentioned it in a blog post released on the 19th of that month. The official heads-up has taken three weeks since then to be issued.
The precise reason for the delay was unclear at the time of going to press, but, regardless, what is intriguing about the disclosure is that it appears to mark a trend shift in infostealers, away from targeting Microsoft products to going after their Apple cousins instead.
Because infostealer malware has long targeted Microsoft Windows devices, macOS was often considered a more secure operating system. Threat actors have traditionally tended to focus on weaponizing malware away from Apple’s more “closed” ecosystem.
But with another infostealer program, Atomic, detected in April exclusively going after macOS devices, the happy days of taking cybersecurity for granted appear to be over for users of Microsoft’s rival.
Guardz investigators discovered ShadowVault on the dark web forum XSS, after clandestinely monitoring it unobserved using anonymous avatars.
In this way Guardz says it seeks to protect its clients, for the most part small and medium enterprises (SMEs), which it implies potentially have the most to lose from a cyberattack.
“SMEs should never assume they aren’t lucrative targets or take their devices’ and systems’ security for granted. In fact, SMEs are the main victims of the new generation of cyber threats,” said Dor Eisner, CEO and co-founder of Guardz.
Urging SMEs to maintain and update software and operating systems diligently, he added: “As businesses with fewer resources, comprehensive cybersecurity solutions that include advanced threat detection and response mechanisms are particularly crucial.”
More from Cybernews:
Subscribe to our newsletter