THREATNOIR
Subscribe
Back to Feed
MalwareApr 1, 2026

Ongoing #macOS #malware campaign target users searching for Homebrew on Mac with malicious ads, t...

macOS malware campaign uses fake Homebrew ads to deploy SHub Stealer credential thief.

Read at source

Summary

An ongoing macOS malware campaign targets users searching for Homebrew by displaying malicious ads with fake installation commands. The attack script fingerprints devices and deploys SHub Stealer to harvest cryptocurrency wallets and passwords. Threat actors are rotating C2 domains daily to evade detection.

Indicators of Compromise

  • malware — SHub Stealer