Threats Tagged 'crashstealer'
View all threats tagged with 'crashstealer'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'crashstealer'
Click on any threat for detailed analysis and mitigation recommendations
CrashStealer: C++ macOS Infostealer Posing as Crash Reporter 0 CrashStealer is a macOS infostealer malware written in native C++ that impersonates Apple's crash-reporting framework to steal sensitive user data. It is distributed via a signed and notarized dropper application that bypasses Gatekeeper protections. The malware locally validates victim passwords, unlocks the login keychain, and collects browser credentials, cryptocurrency wallet extensions, password manager data, and keychain contents. Data is encrypted with AES-GCM, packaged into hidden ZIP archives, and exfiltrated to a command-and-control server. Persistence is achieved by copying itself to a hidden directory and installing a LaunchAgent. The malware uses anti-analysis techniques including control-flow flattening, encrypted strings, and anti-debugging. Initial staging uses GitHub, and the campaign employs fake collaboration software domains as lures. Join the discussion | AlienVault OTX General | 07/14/2026, 07:59:28 UTC Added: 07/14/2026, 09:47:42 UTC |
Showing 1 to 1 of 1 result