9to5Mac58%

PSA: Beware of fake Mac crash reports out to steal your passwords, crypto wallets, more 48%

By Ben Lovejoy75%

7/15/2026, 11:43:11 AM

BS Summary: This article contains 26 faulty reasoning types, including Indoctrination, Ambiguity (Equivocation), and Biased Writer Voice, with Unattributed Quote as the most egregious example at 35.1% saturation with 100 hits. Analysis detected 820 faulty-reasoning hits from 285 analyzed words, generating a BS Score of 49.4% and a BS Rank of 48% (8,379 of 15,985 articles). This article is better (less manipulative) than 52.40% of the article peer group.

While macOS is generally very stable, there are times when an app will crash and your Mac will offer to send a diagnostic report to Apple. 
A new form of Mac malware has been discovered, which creates fake versions of this form, requesting your Mac password as part of the data collection. 
If you comply, it will get access to a huge range of personal data, including your password managers and cryptocurrency wallets  
Jamf says it first began tracking the malware in May, and has now seen it in the wild. 
Initial access is through a disk image named "Werkbit Setup," which mounts at /Volumes/Werkbit Setup and contains a single application bundle, Werkbit.app. 
Its executable is named veltod and carries the bundle identifier dev.golove.velto. 
Unlike the payload it eventually installs, the dropper is properly code signed and notarized: it is a universal (arm64 and x86_64) binary signed with the Developer ID Emil Grigorov (WWB7JA7AQV), has hardened runtime enabled, and carries a stapled notarization ticket. 
Notably, the disk image itself is signed as well, not just the application inside it, which is uncommon in malicious DMG delivery where the container is typically left unsigned. 
Macworld says that Apple has revoked the credentials, so it should now be detected by Gatekeeper. 
However, caution is still advised. 
In addition to looking out for that disk image, you should also closely examine app crash reports and any password prompt saying that System Preferences wants to make changes. 
As always, your best protection is to ensure that you only ever download apps from the Mac App Store and the websites of developers you trust. 
Confirmation Bias
10.2%
Anchoring Bias
0%
Availability Heuristic
9.1%
Representativeness Heuristic
10.2%
Hindsight Bias
5.6%
Overconfidence Bias
0%
Framing Effect
5.3%
Loss Aversion
7.7%
Status Quo Bias
9.1%
Sunk Cost Effect
0%
Optimism Bias
9.1%
Pessimism Bias
13%
Negativity Bias
13%
Self-Serving Bias
0%
Fundamental Attribution Error
0%
Actor-Observer Bias
0%
In-Group Bias
0%
Out-Group Homogeneity Bias
0%
Halo Effect
14%
Horn Effect
0%
Dunning-Kruger Effect
0%
Recency Bias
6.3%
Primacy Effect
9.1%
Blind-Spot Bias
1.8%
Ad Hominem
0%
Straw Man
0%
Appeal to Authority
11.9%
False Dilemma
9.1%
Slippery Slope
0%
Circular Reasoning
0%
Hasty Generalization
7.7%
Red Herring
0%
Bandwagon
0%
Appeal to Emotion
5.3%
Begging the Question
9.1%
Post Hoc (False Cause)
5.6%
Tu Quoque
0%
Burden of Proof
0%
Appeal to Nature
0%
Composition/Division
0%
Anecdotal
9.1%
No True Scotsman
0%
Ambiguity (Equivocation)
20.4%
Gambler’s Fallacy
0%
Middle Ground
0%
Personal Incredulity
0%
Special Pleading
0%
Genetic Fallacy
0%
Unattributed Quote
35.1%
Quote-first Misdirection
0%
Biased Writer Voice
16.8%
Indoctrination
26.3%
Politically Left Leaning Bias
0%
Politically Right Leaning Bias
0%
Attempt to Sell a Product or Service
7.7%

285 words analyzed.

Analysis

Hover over highlighted words in the article to view the associated bias or fallacy analysis.