← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Valse CleanMyMac-website installeert SHub Stealer en backdoors voor cryptovaluta-wallets | Malwarebytes
WHITE CyberHunter_NL 2026-03-11 Modified: 2026-03-11
8
IOCs
LOW VOLUME
ledger walletledger liveexodusatomic wallettrezor suiteshubchromecleanmymacdoorhet scriptterminalorionphantomdesktopodyssey stealershiftseed
Indicators of Compromise (8)
All URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL http://res2erch-sl0ut.com/debug/payload.applescript 2026-03-11
URL http://res2erch-sl0ut.com/gate 2026-03-11
URL http://wallets-gate.io/api/injection 2026-03-11
domain cleanmymacos.org 2026-03-11
domain res2erch-sl0ut.com 2026-03-11
domain wallets-gate.io 2026-03-11
URL https://macpaw.com/cleanmymac/us/app 2026-03-11
domain macpaw.com 2026-03-11
References (1)
↗ https://www.malwarebytes.com/nl/blog/threat-intel/2026/03/fake-cleanmymac-site-installs-shub-stealer-and-backdoors-crypto-wallets