A new account shot me a DM in Twitter with some malware, so I figured "why not?". Of course the standard procedure applies:Do you want a job as an admin / moderator? Pays $500 a week!Sends a malicious link.Part of the requirement is creating an account through the software after you download it.Aaaaand of course it's just straight up malware that steals everything. EZPZ.Let's jump into it.InfoURLhttps[://]runeonline[.]gamesURLScan.iohttps://urlscan.io/result/cf8cb6ac-7428-4a21-b182-292e6fcd4a...

The past two macOS samples I've looked at (Poseidon and Atomic Stealer) have heavily utilized AppleScript for their functionality. While looking at t...