On 14 March 2025, a user “mentalpositive” on XSS Forum has posted a thread advertising a new MacOS infostealer. Below is the machine translation of the user’s forum post, with minor edits by me (I have copy-pasted just the intro, the rest on the blog, if interested):
spoiler
mac.c macOS Stealer is a stealer for devices running the macOS operating system. Works on all system versions starting from macOS Sierra (>10.12.6). Written in C, the build weight at the time of writing the topic is ~140 KB. Both architectures are supported: x64_86, ARM. Collect cookies, passwords, autofills and history from Chromium-based browsers, device information, Telegram session, desktop cryptocurrencies and cryptocurrencies, screenshot and decrypted device keychain. And the ability to change the text in modal windows when a password is requested will make your work even more pleasant!