A concerning new threat has emerged targeting macOS users. This sophisticated malware operates as a backdoor, specifically designed for data theft. One of its most notable and dangerous features is its self-reviving capability.
This means the malware possesses a high degree of persistence. If components of the malware are detected and removed, it includes mechanisms that allow it to automatically reinstate itself on the system. This makes it particularly difficult to fully eradicate once a machine is compromised.
The primary goal of this malicious software appears to be stealing sensitive information, with a focus on cryptocurrency wallet data. However, its backdoor functionality indicates it could be used to exfiltrate other types of personal and financial data as well, giving attackers continued access and control over the compromised macOS system. The ability to self-revive ensures that the attackers maintain their foothold, posing a significant and ongoing cybersecurity risk to affected users.
Source: https://www.bleepingcomputer.com/news/security/nimdoor-crypto-theft-macos-malware-revives-itself-when-killed/
