
MacOS malware drains crypto wallets

08/26/2024

A worrying trend has emerged for macOS users who handle cryptocurrency: cybersecurity researchers have uncovered a new malware-as-a-service (MaaS) offering called "Cthulhu Stealer."

A recent investigation by Cado Security found that this strain of malware is built to compromise macOS devices, dispelling the myth that Apple's ecosystem is devoid of such vulnerabilities.

Despite macOS's strong security reputation, there has been a noticeable increase in attacks aimed at Apple's system. Instances like Silver Sparrow, KeRanger, and Atomic Stealer highlight this growing trend. With the introduction of Cthulhu Stealer to the scene, it's clear that the security paradigm for macOS users is evolving.

Cthulhu Stealer masquerades as an innocuous Apple disk image (DMG) file, posing as well-known applications including CleanMyMac, Grand Theft Auto IV, or Adobe GenP, according to the Cado analysis. Written in Go, it is adaptable for both x86_64 and ARM architectures, a pattern similar to another cryptocurrency-targeting malware discovered among Call of Duty enthusiasts.

The malicious code becomes active upon launch, using osascript (the macOS command-line tool for running AppleScript) to trick users into entering their system and MetaMask details. It then stores the stolen data in a directory located at '/Users/Shared/NW'. Its primary objective is to steal credentials and digital wallets from a range of sources, from browser cookies and gaming profiles to several crypto wallets.
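The two artifacts named above, the osascript prompt and the '/Users/Shared/NW' directory, can be turned into a simple detection. The following is an added example, not code from the article or from Cado Security; the JSON event schema, the sample events, and the assumption that the prompt is an AppleScript `display dialog` asking for hidden or password input are constructed for illustration.

```python
import json
from pathlib import PurePosixPath

STAGING_DIR = PurePosixPath("/Users/Shared/NW")  # directory named in the article

# Constructed sample events in a hypothetical JSON-lines schema (not a real EDR format).
SAMPLE_EVENTS = r"""
{"type":"exec","pid":501,"ppid":500,"exe":"/usr/bin/osascript","args":"-e display dialog \"Enter your password\" default answer \"\" with hidden answer"}
{"type":"file_create","pid":500,"ppid":1,"path":"/Users/Shared/NW/pw.txt"}
{"type":"exec","pid":610,"ppid":600,"exe":"/usr/bin/osascript","args":"-e display notification \"Backup finished\""}
{"type":"file_create","pid":600,"ppid":1,"path":"/Users/Shared/NWNotes/todo.txt"}
"""

def is_password_prompt(ev):
    """osascript showing a dialog that asks for hidden or password input (assumed prompt style)."""
    if ev.get("type") != "exec" or PurePosixPath(ev.get("exe", "")).name != "osascript":
        return False
    args = ev.get("args", "").lower()
    return "display dialog" in args and ("hidden answer" in args or "password" in args)

def is_staging_write(ev):
    """File created inside STAGING_DIR; path-aware, so /Users/Shared/NWNotes does not match."""
    if ev.get("type") != "file_create":
        return False
    return STAGING_DIR in PurePosixPath(ev.get("path", "")).parents

def detect(lines):
    """Return (rule, pid) alerts, plus a correlated alert when one process does both."""
    prompts, writes, alerts = set(), set(), []
    for line in lines.strip().splitlines():
        ev = json.loads(line)
        if is_password_prompt(ev):
            prompts.add(ev["ppid"])  # attribute the prompt to the process that spawned osascript
            alerts.append(("osascript_password_prompt", ev["ppid"]))
        elif is_staging_write(ev):
            writes.add(ev["pid"])
            alerts.append(("staging_dir_write", ev["pid"]))
    for pid in sorted(prompts & writes):
        alerts.append(("prompt_then_staging", pid))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Legitimate software also uses osascript dialogs, so the correlated `prompt_then_staging` alert is the higher-confidence signal; the single-rule alerts are better treated as hunting leads.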

In its methods and objectives, Cthulhu Stealer resembles Atomic Stealer, another macOS-targeting malware identified in 2023. Both are written in Go and prey on crypto wallets, browser logins, and keychain info. This parallel hints that Cthulhu Stealer might be an evolved variant of Atomic Stealer.

