Gate News message, April 22 — SlowMist has issued a threat alert regarding an active macOS information stealer malware called MacSync Stealer (v1.1.2). According to SlowMist’s MistEye threat intelligence platform, the malware targets macOS users and can steal cryptocurrency wallets, browser credentials, system keychains, and infrastructure keys (SSH, AWS, K8s). The malware also uses spoofed AppleScript system dialogs to trick users into entering their login passwords, then displays fake “unsupported” error messages.
SlowMist has shared relevant indicators of compromise (IOCs) with its customers and advises users to avoid executing unverified macOS scripts and remain alert to unusual system password prompts.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
AI16Z, ELIZAOS Creators Sued Over $2.6B Fraud Allegations; Token Crashes 99.9% From Peak
Federal class action accuses AI16Z/ELIZAOS of a $2.6B crypto fraud via fake AI claims and deceptive marketing, alleging insider favoritism and a staged autonomous system; seeks damages under consumer protection laws.
Abstract: This report covers a SDNY federal class-action filed April 21 accusing AI16Z and its rebrand ELIZAOS of a $2.6 billion crypto fraud involving fake AI claims and deceptive marketing. The suit alleges a manufactured link with Andreessen Horowitz and a non-autonomous system. It details a peak valuation in early 2025, a 99.9% crash, and about 4,000 losing wallets, with insiders receiving ~40% of new tokens. Plaintiffs seek damages and equitable relief under New York and California consumer-protection laws. Regulators in Korea and major exchanges have warned or suspended related trading.
GateNews45m ago
North Korean Lazarus Group Deploys Mach-O Man Malware to Steal Crypto Wallet Credentials from macOS Users
Lazarus releases Mach-O Man for macOS to steal keychain data and wallet credentials, targeting crypto executives via ClickFix pop-ups and compromised Telegram meetings.
Abstract: The article reports that the Lazarus-linked Mach-O Man malware targets macOS to exfiltrate keychain data, browser credentials, and login sessions to access cryptocurrency wallets and exchange accounts. Distribution relies on ClickFix social engineering and compromised Telegram accounts directing victims to fake meeting links. The piece ties the operation to the April 20 Kelp DAO hack and identifies TraderTraitor as Lazarus-affiliated, noting rsETH movement across blockchains via LayerZero’s OFT standard.
GateNews2h ago
ZachXBT Warns Against Bitcoin Depot ATM Over 44% Bitcoin Markup
ZachXBT warns Bitcoin Depot ATMs impose steep premiums—$25k fiat at $108k/BTC vs ~$75k market (about 44%), leading to ~ $7.5k loss on 0.232 BTC; also notes a $3.26M security breach.
This article summarizes ZachXBT's warnings about Bitcoin Depot's pricing practices and a recent security breach, highlighting risks from inflated rates and security lapses for users.
GateNews4h ago
Privacy Protocol Umbra Shuts Down Frontend to Block Attackers from Laundering Stolen Kelp Funds
Gate News message, April 22 — Privacy protocol Umbra has shut down its frontend website to prevent attackers from using the protocol to transfer stolen funds following recent attacks, including the Kelp protocol breach that resulted in losses exceeding $280 million. Approximately $800,000 in stolen
GateNews6h ago
Misty 23pds Alert: Lazarus Group releases a new macOS toolkit targeting cryptocurrencies
Misty’s Chief Information Security Officer 23pds issued an alert on April 22, stating that the North Korean hacking group Lazarus Group has released a new native macOS malware toolkit called “Mach-O Man,”专a专专专專專專 specialized in the cryptocurrency industry and high-value enterprise executives.
MarketWhisper7h ago
Coinbase Warns Quantum Computing Could Threaten Crypto Security
Coinbase's Quantum Advisory Board has released a detailed report warning that quantum computing could pose a future threat to cryptocurrency security, though no immediate risk exists. According to Coinbase CSO Philip Martin, the report was published on April 21, 2026, and includes researchers from S
CryptoFrontier7h ago
