Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

ChillyHell malware continues targeting Mac users with advanced evasion tactics

Advanced evasion tactics keep the 2021 malware active despite Apple revoking developer certificates.

byEmre Çıtak
September 11, 2025
in Cybersecurity

A new report from Jamf Threat Labs reveals that ChillyHell malware remains active against macOS systems. First discovered in 2021 and privately reported by cybersecurity firm Mandiant in 2023, this persistent threat shows no signs of stopping. Jamf researchers found a fresh sample on VirusTotal in May 2024, confirming the malware’s continued operation.

How ChillyHell steals Mac user data

ChillyHell targets sensitive information on infected Mac computers, specifically focusing on usernames and passwords. The malware uses sophisticated methods to avoid detection by security software and researchers.

Advanced evasion techniques make detection difficult

The malware employs two key tactics to stay hidden:

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

  • Timestomping – alters file creation and modification dates to hide malicious activity
  • Dynamic command-and-control protocol switching – changes communication methods to avoid network monitoring

These evasion techniques allow ChillyHell to operate undetected for extended periods, making tracking and removal challenging for security teams.

Developer certificate revocation limits future distribution

Jamf’s investigation found that Apple has revoked the developer certificates linked to ChillyHell. This revocation prevents new versions from being easily distributed but does not remove existing infections from compromised systems.

Mac users should maintain updated security software and exercise caution when downloading applications from untrusted sources. The ChillyHell campaign demonstrates that macOS remains a target for sophisticated malware operations.


Featured image credit

Tags: ChillyHell malware

Related Posts

Google’s Live Threat Detection is reportedly coming to more Android phones

Google’s Live Threat Detection is reportedly coming to more Android phones

October 23, 2025
Meta’s latest update focuses on protecting older users from scams

Meta’s latest update focuses on protecting older users from scams

October 22, 2025
US judge bans NSO Group from targeting WhatsApp users with Pegasus spyware

US judge bans NSO Group from targeting WhatsApp users with Pegasus spyware

October 21, 2025
AWS outage: A complete list of every site and app that went down

AWS outage: A complete list of every site and app that went down

October 20, 2025
Windows 11’s new security patch is a system-breaking disaster, fix it now

Windows 11’s new security patch is a system-breaking disaster, fix it now

October 20, 2025
Discord confirms support vendor hack exposing user data and government IDs

Discord confirms support vendor hack exposing user data and government IDs

October 20, 2025

LATEST NEWS

Is ChatGPT down again? Reports indicate ongoing outage

Path of Exile: Keepers of the Flame will be the Breach 2.0!

Google Meet now lets you move people in and out of meetings like a lobby

Sam Altman: AI will cause “strange or scary moments”

Anthropic gives Claude a real memory and lets users edit it directly

Nissan’s Sakura EV gets a solar roof that adds 1,800 miles a year

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.