New Mac backdoor program steals keychain contents
Researchers have identified a new Mac backdoor program that’s designed to steal credentials stored in the OS-encrypted keychain and give attackers control over the system.
It’s not clear how Keydnap is distributed, but it arrives on computers in the form of a zip archive. Inside there’s an executable file with an apparently benign extension such as .txt or .jpg that actually has a space character at the end. The file also has an icon indicating an image or text file.