▶️This script is designed as a macOS data stealer, primarily targeting sensitive user data from browsers, cryptocurrency wallets, messaging apps, and files. It extracts and copies data to a temporary directory, then zips it for potential exfiltration (though exfiltration itself is not implemented in the code).

✔️Browser Data (Chromium-based browsers): Yandex, Chrome, Brave, Edge, Vivaldi, Opera, OperaGX, Chrome Beta, Chrome Canary, Chromium, Chrome Dev, Arc, Coccoc
  💴 Cookies, Web Data, Login Data (Passwords, etc.), Local Extension Settings (f.e. crypto extension), IndexedDB data
  💴 Almost 150 Browser Wallets Extension
✔️ Cryptocurrency Wallets: Electrum, Coinomi, Exodus, Atomic, Wasabi, Ledger Live, Monero, Bitcoin Core, Litecoin Core, Dash Core, Electrum LTC, Electron Cash, Guarda, Dogecoin Core, Trezor Suite
✔️ Messaging Apps: Telegram
✔️ File Grabber: Desktop, Document, Downloads (pdf, docx, doc, wallet, keys, db, txt, seed) < 10MB
✔️ System and User Information: Username, Password, System Profile, Browser master passwords, Information file
✔️ Password Handling: social engineers until valid user password

The file will be delivered by the loader, you have to modify your backend to receive files.