Guardz Identifies New 'ShadowVault' macOS Stealer Malware

The Guardz research team discloses the existence of new information stealing malware on the Dark Web.

July 10, 2023


TEL AVIV, Israel, July 10, 2023 /PRNewswire/ -- Guardz, the cybersecurity company securing and insuring SMEs, disclosed today the existence of a new information stealing malware known as 'ShadowVault,' available for rent on the dark web's popular XSS forum. The malware is capable of stealing sensitive data from macOS-based devices, posing a significant threat to businesses and individuals alike.

Information stealing malware has long targeted Microsoft Windows devices, while macOS has been considered a more secure operating system. As a result, cyber threat actors tended to develop malware, info-stealers, and other harmful tools for Windows, as this offered them a more scalable opportunity. However, the market has begun to shift. In April, the info-stealing malware 'Atomic,' which exclusively targets macOS devices, was discovered on the dark web, hinting at the changing status quo. Small and medium-sized businesses, which once perceived macOS devices as the safer choice, are primed to feel the effects.

Guardz's research team first identified the 'ShadowVault' info-stealer in the underground XSS forum in June 2023. The malicious software is designed to secretly collect sensitive information from compromised systems – like login credentials, financial information, personal identification details, cryptocurrency wallet seed phrases, and more, with the potential to wreak havoc on systems and disrupt operations. The Guardz team of experts has long maintained anonymous avatars on the dark web to fuel its research in protecting SMEs from rising cyber threats such as this. In doing so, Guardz was able to obtain access to the exclusive forum and identify the new macOS stealer, originally available for rent at $500/month.

The identification of the new info-stealer, which points to the emergence of macOS stealers on a wider scale, will enable Guardz and other cyber defenders to further enhance their solutions and protect their clients from this new, rising breed of cyber threats. Guardz has already deployed countermeasures to protect its clients, providing real-time threat detection and rapid response capabilities to mitigate the risks posed by the 'ShadowVault' malware.

"SMEs should never assume they aren't lucrative targets or take their devices' and systems' security for granted. In fact, SMEs are the main victims of the new generation of cyber threats," said Dor Eisner, CEO and Co-Founder of Guardz. "In the face of increasing cyber-attacks, SMEs and the MSPs that serve them must keep their software and operating systems up to date and invest in managed device protection. As businesses with fewer resources, comprehensive cybersecurity solutions that include advanced threat detection and response mechanisms are particularly crucial."

To learn more about information stealing malware in general and 'ShadowVault' specifically, see Guardz's recent blog post here.

About Guardz

Guardz is a holistic cyber security and insurance solution designed for SMEs. Its all-in-one, affordable platform is on guard 24/7, and is easy to use for both in-house IT personnel and MSPs. With cutting-edge technologies stacked into a robust platform, Guardz's solution continuously monitors businesses' digital landscapes to protect their entire range of assets, enables them to react to cyber risks in real time with swift remediations, and provides cyber insurance for peace of mind. Guardz was founded in 2022 by Dor Eisner and Alon Lavi along with a team of cyber and insurance experts who combine innovation, experience, and creativity to create a safer digital world for small businesses.
