Slow Fog Warning: MacSync Stealer is targeting macOS users to steal crypto assets and keys.

CoinFeed reported on April 22 that, according to SlowMist's MistEye intelligence, a high-risk macOS information-stealing Trojan called "MacSync Stealer" (v1.1.2) is actively spreading. Attackers trick users into entering passwords through fake AppleScript system pop-ups, thereby stealing encrypted wallets, browser credentials, system keychains, and infrastructure keys such as SSH/AWS/K8s. After transmitting the data, they disguise it as a "system not supported" error message. SlowMist advises users not to execute macOS scripts from unknown sources. If you suspect your device has been compromised, immediately rotate all infrastructure credentials, invalidate exposed keychains, and transfer encrypted assets to a secure wallet as soon as possible.