The infostealer malware Realst is targeting the unreleased macOS 14 Sonoma. The malware spreads through blockchain games, steals browser data and empties crypto wallets.
The new Realst malware was discovered by security expert iamdeadlyz and analyzed by SentinelOne. The researcher found that the malware targets both Windows and macOS. It is used to scrape browser data, including passwords, and to empty crypto wallets immediately after infection.
macOS 14 Sonoma under attack
Further research by SentinelOne shows that Realst is notably focused on devices running the upcoming macOS 14 Sonoma. In a third of the samples examined, strings targeting this version of macOS were found.
This version of Apple’s operating system has not yet been released and is not expected to be available until the fall.
SentinelOne researchers also discovered that Realst targets several browsers, including Firefox, Chrome, Opera, Brave and Vivaldi. Notably, Safari was not found among the potentially vulnerable browsers.
iamdeadlyz’s research further shows that Realst spreads primarily through blockchain games. Titles carrying the malware include Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, Olymp of Reptiles and SaintLegend.