Apple Device Management
Endpoint Detection & Response
macOS Device Management
iOS Device Management
Kai
Liftoff
Prism
Migration Agent
Auto Apps
Passport
Compliance
Assignment Maps
Managed OS
Integrations
Resources Hub
Kandji Blog
Customer Stories
Mac Admins Community
Security Details
MDM Comparison Guide
About Apple Device Management
Customer Support
Product Updates
Customer Login
Kandji Status
Register a Deal
Become a Partner
Technology Partners
Partner Portal
About Kandji
News & Press
Careers
Contact
Why Kandji?
Device Management
Advanced MDM solution for Apple devices
Extensive threat detection and response for Mac
Manage Mac with advanced automation
Take full control over iPhone, iPad, and Apple TV
Device insights with AI
User onboarding
Pre-built device reports
MDM migration for Mac
App management
Synced passwords for Mac
Security control templates
Configuration management
Automated OS updates
Connect to your tools
Discover the power of Kandji with a personalized demo and 21-day trial.
Potential Stealer: Purrglar in Progress
Unlike traditional viruses or ransomware, stealers are designed with a singular purpose: to quietly infiltrate systems and exfiltrate sensitive data—often without the victim even realizing it. These malicious programs are highly focused on gathering personal information, usually to be sold or used for further criminal activity. Kandji's Threat Research team discovered another potential stealer named kitty that was uploaded to VirusTotal on 1/10/2025. This stealer, which we're calling Purrglar, focuses primarily on capturing Chrome and Exodus wallet-related files. What is most interesting is the use of the Security Framework APIs to query the macOS Keychain. It is unclear if this application is currently in a development phase since localhost is used as the destination for the captured and uploaded files. That said, it does appear to likely be in a development stage, which means the intention of this potential stealer is unknown as of now. With that in mind, our team's findings are leaning towards this being malware to have on your radar. In this blog post we will dive into the interesting parts of this potential stealer including how it attempts to access the Keychain for a Chrome key, explore how the Chrome and Exodus files are captured, and how the file uploading via Curl APIs works. Whether you're a seasoned cybersecurity professional or someone looking to stay informed about the latest threats, this discovery is one you’ll want to keep an eye on.
How to Manage Activation Lock: A Guide for Apple Admins
Activation Lock is a theft-deterrent feature found in iOS and iPadOS devices and modern Mac computers (with the Apple T2 Security chip and Apple silicon). When such a device is attempted to be set up after having been erased, it checks with Apple servers to see if Activation Lock is on. If it is, the device requires the user’s Apple Account password before it can be used again (reactivated). This effectively removes the device’s resale value, making it less attractive to thieves.
Behavioral Detections: Kandji EDR's Latest Defense Update Against Threats
As attackers increasingly regard Mac computers as enterprise targets and evolve their attack methods, file-based malware detections can fall short in catching emerging and unknown threats. Sophisticated malware can evade these conventional security measures by operating entirely in memory without writing files to disk, using polymorphic code that constantly changes its signature, or leveraging legitimate system tools for malicious purposes.
We chose Kandji for their security solution to efficiently manage a fleet of Apple MacBooks. We were able to quickly and significantly increase our security posture with minimal resources.
Martin G.
Staff Dev-ops Engineer, Wisely
This tool was clearly designed from a Mac admin's point of view.
Nicholas Mercurio
Manager, IT & Security Operations, Fluent
We're saving time managing our Apple fleet with Kandji's built-in automations.
Wilson Ho
Director of IT, Turo
Visit the Knowledge Base to access help documentation
Latest feature releases and product updates
Existing customers: Sign in to access Kandji
Stay updated on Kandji system status
reduction in Mac-related support tickets
hours a month saved on routine maintenance
Learn more about Kandji, the modern MDM for Apple
Read the latest news in Apple enterprise management
Browse open job opportunities at Kandji
Get in touch with the Kandji team
Register a partner opportunity with Kandji for collaboration.
Apply to join the Kandji Partner Program
Check out Kandji’s integrations & API
Log in to access Kandji Partner Academy
Kandji's focus on automation sets it apart from any other MDM solution on the market.
Kai
Integrations
About Apple Device Management
