Cybersecurity researchers report a new macOS information-stealing malware dubbed CrashStealer. The malware is designed to harvest sensitive data from compromised Mac systems, including credentials, keychain information, and cryptocurrency wallet data, according to multiple reports. To improve delivery and reduce detection, researchers say CrashStealer uses a notarized dropper that is intended to pass Apple’s Gatekeeper checks. One analysis describes the threat as being implemented in native C++, rather than relying on AppleScript-based droppers or Objective-C wrappers, and Jamf Threat Labs says the component validates a victim’s login password locally as part of its operation. Other coverage characterizes the malware as posing as Apple’s crash-reporting tool, using that impersonation to lure users or make the activity appear legitimate. Overall, sources agree that CrashStealer focuses on credential and wallet theft on macOS and that it incorporates mechanisms—such as notarization and local password handling—to facilitate execution on affected devices.