According to a dark web post observed by Cyber Security News, the threat actor behind iNARi Loader is offering this private macOS stealer with an extensive feature set that surpasses previous iterations of similar malware. The malware can reportedly be delivered through multiple vectors, including terminal commands, disk image files (.dmg), package installers (.pkg), or malicious applications. Unlike many competing products that require additional obfuscation, iNARi allegedly doesn't need crypting services to evade detection, suggesting sophisticated built-in evasion capabilities similar to those observed in other recent macOS malware families.

This high-priced stealer represents an alarming evolution in the growing landscape of macOS-specific malware, combining remote desktop capabilities with advanced data exfiltration techniques. The malware reportedly includes modular capabilities that allow attackers to deploy various payloads, ranging from VNC (Virtual Network Computing) remote access to sophisticated data stealers. The addition of remote desktop capabilities represents a significant escalation, giving attackers both data theft capabilities and persistent control over compromised systems.

The stealer's prices significantly exceed those of previous macOS stealers like Atomic ($1,000-$3,000/month) and Banshee ($3,000/month), indicating either exceptional capabilities or targeted marketing toward well-funded threat actors.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 15 Apr 2025 06:20:10 +0000