MacRumors: Jamf uncovers macOS malware CrashStealer disguised as an Apple crash tool
MacRumors reported that Jamf Threat Labs spotted a macOS infostealer called CrashStealer that imitates Apple’s crash-reporting software. The malware was tied to a notarized fake app and aimed at browser, wallet, password manager, and keychain data.
According to MacRumors, Jamf says the malware uses Apple-like prompts and installation flows to look legitimate while it harvests sensitive files and credentials. Apple has since revoked the signing credentials for the app path Jamf described, but the report warns the threat could reappear in another form.
This matters because macOS users often trust notarized apps and familiar system dialogs. The report is a reminder that even polished-looking software can still be malicious, especially when it targets passwords and crypto wallets.
- MacRumorsPrimaryCrashStealer Malware Impersonates Apple Tool to Steal Mac Passwords and CryptoVerification pending
"Mac users should watch out for macOS malware called CrashStealer, according to Jamf Threat Labs . The malware impersonates Apple's crash reporting framework, and it's meant to stea"
Open original source
Recommended signals
Recommended from Apple topics and recent confidence changes