macOS Malware Abuses Fake Google Update for Persistence

The Reaper variant of the SHub macOS infostealer achieves persistence by masquerading as a legitimate Google software update and utilizing a LaunchAgent to maintain a backdoor. This malware employs social engineering and fileless execution techniques to steal sensitive data and tamper with cryptocurrency wallets while evading detection.