A newly identified information stealer targeting macOS users is being distributed through a compromised website, posing as a browser update, Proofpoint reports.
The malware, dubbed FrigidStealer, is written in the Go programming language and was built with the WailsIO project to render content in the victim’s browser and hide its malicious intent.
Upon execution, it prompts the user for their password, then harvests browser cookies, files associated with passwords and cryptocurrency, and Apple Notes, and exfiltrates them to its command-and-control (C&C) server.
Distributed by a financially motivated cybercriminal group tracked as TA2727 since the end of January, FrigidStealer is targeting macOS users outside of North America who visit…