A new and challenging form of malware dubbed “Realst” currently targets macOS and Windows users, posing a particular risk to Apple computer owners.
This cunning malware disguises itself as fake blockchain games, such as Brawl Earth and Dawnland, and spreads through social media promotions and direct messages, putting unwary users in harm’s way.
When victims take the bait and use the offered access codes to enter the threat actor’s website, their devices become exposed to attack.
Realst demonstrates its destructive goal by silently stealing sensitive data from web browsers and cryptocurrency wallet apps, exposing users’ personal information and digital assets.
Security researcher iamdeadlyz discovered Realst. It was first thought to target macOS users, but Windows users have since been found to be at risk as well.
On Windows workstations, the threat introduces malware strains such as RedLine Stealer, AsyncRAT, and Raccoon Stealer, to name just a few, making it tough to detect.
Unraveling Realst’s Stealthy Approach
SentinelOne, a cybersecurity organization, examined 59 “Mach-O” samples of Realst and discovered a range of active macOS variants, each showing signs of rapid development. This rapid evolution makes the malware harder to track and combat effectively.
On macOS, Realst infects devices through deceptive PKG installers and DMG disk files, disguised to resemble genuine games or decoy software. Once the malware is installed, it takes hold and gives unauthorized users access to personal data and digital wallets.
An alarming element of Realst is the presence of a cross-platform Firefox information stealer known as “game.py.” This script efficiently harvests sensitive data from users’ web browsers, providing threat actors with a wealth of exploitable information.
Moreover, Realst employs “chainbreaker,” an open-source macOS keychain database extraction tool, to obtain stored passwords and internet account credentials in clear text format, heightening the risk to victims.
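A defender-side triage sketch for the delivery path and components described above, added here as an example and not taken from SentinelOne's analysis or any vendor signature. It walks an already-extracted PKG or DMG payload and flags a bundled game.py and any Mach-O file that references chainbreaker; the function names, the constructed sample tree, and the choice to match on those two names from the article are assumptions.

```python
import os
import tempfile

# Mach-O magic numbers as stored on disk: thin 32/64-bit in both byte orders, plus fat/universal.
MACHO_MAGICS = {bytes.fromhex(h) for h in
                ("feedface", "cefaedfe", "feedfacf", "cffaedfe", "cafebabe")}
# Names taken from the article. Matching on them is an assumption, not a vendor signature.
NAME_HINTS = {"game.py"}
CONTENT_HINTS = (b"chainbreaker",)

def triage(root, max_bytes=8 * 1024 * 1024):
    """Return sorted (relative_path, reason) findings for an extracted installer tree."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # never follow links out of the extracted tree
            try:
                with open(path, "rb") as fh:
                    data = fh.read(max_bytes)
            except OSError:
                findings.append((rel, "unreadable"))
                continue
            if name.lower() in NAME_HINTS:
                findings.append((rel, "bundled script named game.py"))
            kind = "Mach-O" if data[:4] in MACHO_MAGICS else "file"
            lowered = data.lower()
            for hint in CONTENT_HINTS:
                if hint in lowered:
                    findings.append((rel, f"{kind} references {hint.decode()}"))
    return sorted(findings)

def demo():
    """Build a constructed sample tree (not a real sample) and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        res = os.path.join(tmp, "Game.app", "Contents", "Resources")
        macos = os.path.join(tmp, "Game.app", "Contents", "MacOS")
        os.makedirs(res)
        os.makedirs(macos)
        with open(os.path.join(res, "game.py"), "w") as fh:
            fh.write("# placeholder script\n")
        with open(os.path.join(res, "readme.txt"), "w") as fh:
            fh.write("How to play\n")
        with open(os.path.join(macos, "Game"), "wb") as fh:
            fh.write(bytes.fromhex("cffaedfe") + b"\x00" * 16 + b"chainbreaker\x00")
        return triage(tmp)

if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

A hit is a reason to examine the file before installing, not proof of infection: the 0xcafebabe magic is shared with Java class files, and variants can rename either component.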
Experts Call For Vigilance And Caution Against Malware
The desire to steal cryptocurrencies is the main driver behind these attacks. Unaware users are seen as a tempting target by hostile actors as digital assets become more popular and valuable.
As malware adapts and spreads, experts emphasize the importance of caution when installing software from unknown sources, mainly those promoted through social media adverts and direct messages. To stay safe, users must rely solely on official app stores and verified websites for their software needs.
By implementing these safety measures and raising awareness about the Realst threat, users can better protect themselves from this malicious menace.