Targeting macOS systems, a brand-new spyware called MetaStealer has surfaced in the open. This malicious program can steal a range of private data from users and was created using the Go programming language. One instance included the distribution of a MetaStealer version using a disk image file with the name “Contract for payment & confidentiality agreement Lucasprod.”
Many of the malware instances, according to SentinelOne researchers, target macOS business users by using social engineering techniques in which attackers impersonate bogus design clients in order to trick victims into running malicious payloads. Malicious program bundles in disk image format (.dmg) with names like Brief_Presentation-Task_Overview-(SOW)-PlayersClub, AnimatedPoster, CONCEPT A3 full menu with dishes and translations to English, and Advertising terms of Service are frequently used as these lures.