Intel-Based Macs Under Attack by New "MetaStealer" Malware - How to Stay Safe

Older Intel-based Macs are now being targeted by new Mac malware that can steal passwords, files, and more from vulnerable Apple computers.

As reported by BleepingComputer, this new malware strain is called MetaStealer by security researchers at SentinelOne who discovered it and have been tracking its progress for the past several months.

Besides targeting older Macs rather than the best MacBooks with Apple Silicon, this malware is particularly troubling because it is able to evade Apple's built-in XProtect antivirus. And while it shares some similarities with the Atomic Stealer malware, most of the code is different, as is the method the hackers use to distribute it.

MetaStealer is currently being used primarily to target business users with Intel-based Macs, but the hackers behind this campaign could widen their net to target Macs running Apple Silicon.

The MetaStealer malware is currently being distributed through work-focused phishing emails in which the hackers behind the campaign pose as clients or business partners, according to a SentinelOne blog post.

These messages contain disk image files that look like PDFs when downloaded and mounted on macOS, but are actually executables using the ".app" file extension. These fake PDF files can easily trick victims into opening them because they appear to be documents rather than applications that are installed on the Mac.

However, these seemingly benign files install the MetaStealer malware, which siphons sensitive information such as passwords, system files, and application data from the compromised Mac. The malware can also steal data from Apple's Keychain password manager, Telegram, and Facebook.

Since Keychain is a system-level password manager, it stores not only website and application passwords, but also Wi-Fi network passwords, encryption keys, credit card information, and private notes. With all these credentials in hand, hackers deploying the MetaStealer malware can launch any attack against users with vulnerable Macs.

There is good news for the time being, as MetaStealer only works on Intel-based Macs and not on newer Apple computers that use the company's M1 and M2 chips. However, this is subject to change, and this is certainly one Mac malware to keep an eye on in the future.
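The disguise described above can be checked before anything is opened. The following Python sketch is an added example, not code from SentinelOne or the original article: it lists every `.app` bundle on a mounted disk image and reads the Mach-O header of each executable to report whether it is built for Intel only. The function names and the sample files are hypothetical and constructed for illustration.

```python
import os
import struct

CPU = {0x01000007: "x86_64", 0x0100000C: "arm64"}

def macho_archs(path):
    """Return the CPU architectures of a Mach-O file ([] if it is not Mach-O)."""
    with open(path, "rb") as f:
        head = f.read(8)
        if len(head) < 8:
            return []
        magic = struct.unpack(">I", head[:4])[0]
        if magic == 0xCFFAEDFE:  # thin 64-bit Mach-O, little-endian on disk
            return [CPU.get(struct.unpack("<I", head[4:])[0], "other")]
        if magic == 0xCAFEBABE:  # universal (fat) binary, big-endian header
            count = struct.unpack(">I", head[4:])[0]
            if count > 16:  # Java class files share this magic; reject them
                return []
            archs = []
            for _ in range(count):
                entry = f.read(20)  # cputype, cpusubtype, offset, size, align
                if len(entry) < 20:
                    break
                archs.append(CPU.get(struct.unpack(">I", entry[:4])[0], "other"))
            return archs
    return []

def find_app_bundles(volume):
    """Report every .app bundle under `volume` and which CPUs its code targets."""
    findings = []
    for root, dirs, _files in os.walk(volume):
        for d in [d for d in dirs if d.lower().endswith(".app")]:
            dirs.remove(d)  # a bundle is one item; do not descend into it
            exe_dir = os.path.join(root, d, "Contents", "MacOS")
            archs = set()
            if os.path.isdir(exe_dir):
                for name in os.listdir(exe_dir):
                    p = os.path.join(exe_dir, name)
                    if os.path.isfile(p):
                        archs.update(macho_archs(p))
            # Intel-only is a triage hint, not a verdict: many benign apps are too.
            findings.append({"bundle": d, "archs": sorted(archs),
                             "intel_only": archs == {"x86_64"}})
    return findings

def build_sample(volume):
    """Constructed sample: a real PDF beside an app bundle named like a document."""
    exe_dir = os.path.join(volume, "Contract.app", "Contents", "MacOS")
    os.makedirs(exe_dir)
    with open(os.path.join(exe_dir, "Contract"), "wb") as f:
        f.write(struct.pack("<II", 0xFEEDFACF, 0x01000007) + b"\0" * 24)
    with open(os.path.join(volume, "Terms.pdf"), "wb") as f:
        f.write(b"%PDF-1.4\n")
```

On a real Mac, `find_app_bundles` would be pointed at the mount point of the disk image under `/Volumes`; any bundle it reports is an application, whatever its icon suggests.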

As with Windows malware, be especially careful when opening emails from unknown senders or downloading their attachments. It is worth checking the file name carefully and sending a follow-up email to the sender before downloading the file in the original message or clicking on any of the included links.

At the same time, watch out for red flags that are common in phishing emails, such as misspellings and poor grammar. These are clear indicators that the email did not come from the client, but was sent by a hacker or scammer impersonating them.

You should also consider using one of the best Mac antivirus software solutions to protect your Mac from malware. Of course, XProtect comes preinstalled on every Mac, much as Windows Defender does on Windows, but we recommend investing in paid antivirus software for additional protection. Likewise, you may want to use the best password manager instead of Apple's Keychain to store passwords and other sensitive information.

MetaStealer is a powerful new Mac malware, but so far it only poses a threat to older Intel-based Macs. However, given its advanced features, the cybercriminals behind this malware are likely already researching ways to port it so that it can run on Apple silicon.
