BTC $62,529.55 -1.34%
ETH $1,783.46 -1.40%
BNB $569.00 -0.54%
XRP $1.06 -1.35%
SOL $75.14 -1.79%
TRX $0.3242 -2.12%
DOGE $0.0719 -1.19%
ADA $0.1575 -1.81%
BCH $232.80 -2.98%
LINK $7.93 -0.78%
HYPE $63.34 -5.53%
AAVE $95.76 -0.41%
SUI $0.7243 -0.94%
XLM $0.1794 -2.66%
ZEC $498.91 -5.27%
BTC $62,529.55 -1.34%
ETH $1,783.46 -1.40%
BNB $569.00 -0.54%
XRP $1.06 -1.35%
SOL $75.14 -1.79%
TRX $0.3242 -2.12%
DOGE $0.0719 -1.19%
ADA $0.1575 -1.81%
BCH $232.80 -2.98%
LINK $7.93 -0.78%
HYPE $63.34 -5.53%
AAVE $95.76 -0.41%
SUI $0.7243 -0.94%
XLM $0.1794 -2.66%
ZEC $498.91 -5.27%

GoPlus:恶意软件 Infiniti Stealer 针对 Mac 用户加密钱包发动攻击

2026-03-30 18:33:50
收藏

ChainCatcher 消息,据 GoPlus Security 披露,一款名为 Infiniti Stealer 的窃密恶意软件正通过 “ClickFix” 社会工程学攻击手法,针对 Mac 用户的加密钱包及敏感凭证实施窃取。

攻击者伪造高度仿真的 Cloudflare 验证码页面,诱导用户打开终端并手动粘贴执行恶意命令。命令执行后,脚本将移除 macOS 隔离属性,并将后续载荷写入 /tmp 目录静默运行。最终载荷为经 Nuitka 编译的原生 macOS 二进制文件,大幅提升了安全工具的检测难度。Infiniti Stealer 一旦部署,可窃取 Chromium / Firefox 浏览器凭证、macOS 钥匙串、加密钱包及开发者密钥文件(如 .env 文件),并具备沙箱检测与延迟执行能力以规避追踪。

app_icon
ChainCatcher 与创新者共建Web3世界