News

Jinse Finance reported that according to Paul Ciana, a technical strategist at BofA Global Research, late last week the ICE Dollar Index (DXY), which measures the US dollar against a basket of six major currencies, saw its 50-day simple moving average cross above the 200-day simple moving average. In technical analysis, this is known as a "golden cross" and is considered a bullish signal. This encouraging development comes at the tail end of a year of weak performance for the dollar. Since the beginning of 2025, the dollar index has fallen by about 9% in total. On Monday, the index dropped 0.3% to 98.30, only slightly above its lowest level of the year. BofA strategist Ciana pointed out that this is the 39th "golden cross" signal for the dollar since 1970. For investors looking for signs of a dollar rebound, this signal suggests the dollar may strengthen in the coming months. In a written report, Ciana stated: "Overall, the 'golden cross' signal has always been positive for the dollar." He noted that once a "golden cross" appears, the dollar tends to rise over the following 20 to 60 trading days.

BlockBeats News, December 23, SlowMist Chief Information Security Officer 23pds shared that the MacSync Stealer malware, active on the macOS platform, has undergone significant evolution and user assets have already been stolen. The forwarded article mentioned that the malware has upgraded from early low-barrier inducement methods such as "drag to terminal" and "ClickFix" to a Swift application with code signing and Apple notarization, significantly increasing its stealthiness. Researchers found that this sample is distributed as a disk image named zk-call-messenger-installer-3.9.2-lts.dmg, luring users to download it by disguising itself as an instant messaging or utility application. Unlike before, the new version does not require any terminal operation by the user; instead, a built-in Swift helper program fetches and executes encoded scripts from a remote server to complete the information theft process. This malicious program has completed code signing and Apple notarization, with the developer team ID GNJLS3UYZ4, and the relevant hash had not yet been revoked by Apple at the time of analysis. This means it has higher "credibility" under the default macOS security mechanisms, making it easier to bypass user vigilance. Research also found that the DMG file is unusually large and contains decoy files such as LibreOffice-related PDFs to further reduce suspicion. Security researchers pointed out that this type of information-stealing trojan often targets browser data, account credentials, and crypto wallet information. As malware begins to systematically abuse Apple’s code signing and notarization mechanisms, crypto asset users on macOS are facing increasing risks of phishing and private key leakage.

BlockBeats News, December 23, SlowMist Chief Security Officer 23pds shared a post stating that the MacSync Stealer malware active on the macOS platform has shown significant evolution, with user assets already being stolen. The article shared by him mentioned that from early-stage techniques relying on "drag-and-drop to terminal" and "ClickFix" for easy lure, it has upgraded to code signing and utilizing Apple notarized Swift applications, significantly enhancing its stealthiness. Researchers found that this sample is being spread in the form of a disk image named zk-call-messenger-installer-3.9.2-lts.dmg, disguised as an instant messaging or utility application to lure users into downloading it. Unlike the past, the new version no longer requires any terminal operations from the user but instead is pulled and executed by a built-in Swift helper from a remote server to carry out the information theft process. This malware has been successfully code signed and notarized by Apple, with the developer team ID being GNJLS3UYZ4, and the related hashes have not been revoked by Apple at the time of analysis. This means that it enjoys higher "trustworthiness" under the default macOS security mechanism, making it easier to bypass user vigilance. The research also discovered that the DMG file size is unusually large, containing bait files such as PDFs related to LibreOffice to further lower suspicion. Security researchers pointed out that such information-stealing trojans often target browser data, account credentials, and cryptocurrency wallet information. As malware increasingly abuses Apple's signing and notarization mechanisms, cryptocurrency users in the macOS environment are facing rising phishing and private key exposure risks.