As macOS gains popularity, so too does the threat of malware targeting cryptocurrency holders. The recent emergence of "Cthulhu Stealer" is a stark reminder that even Apple's robust security cannot shield users entirely.
This malware, which masquerades as legitimate software, seeks to steal your personal data and digital assets, targeting popular wallets like Coinbase and MetaMask.
Discover the details of this rising threat and how to safeguard your investments.
Contents
Rising Threat to Mac Users: Increasing Malware Incidents Reported
While macOS, provided by Apple, is often praised for its strong security features, recent reports indicate a growing trend in malware targeting Mac users, particularly those involved in cryptocurrency.
On the 22nd of this month, cybersecurity firm Cado Security issued a warning about a new malware called "Cthulhu Stealer," emphasizing that despite macOS's reputation for safety, malware aimed at macOS has been on the rise in recent years.
What Is Cthulhu Stealer?
"Cthulhu Stealer" is a new type of malware designed to steal cryptocurrencies and personal information from macOS users.
It disguises itself as legitimate software such as "CleanMyMac," "Grand Theft Auto IV," and "Adobe GenP," attempting to siphon off sensitive data and digital assets.
The malware appears as an Apple Disk Image (DMG), and when the user opens the file, it triggers a command-line tool that prompts the user to input their password.
Cthulhu Stealer targets a wide range of popular cryptocurrency wallets, and the list of data reported to be stolen by this malware includes:
- Browser cookies
- Coinbase Wallet
- Chrome extension wallets
- Telegram Tdata account information
- Minecraft user data
- Wasabi Wallet
- MetaMask Wallet
- Keychain passwords
- SafeStorage passwords
- Battlenet game, cache, and log data
- Firefox cookies
- Daedalus Wallet
- Electrum Wallet
- Atomic Wallet
- Binance Wallet
- Harmony Wallet
- Enjin Wallet
- Hoo Wallet
- Dapper Wallet
- Coinomi Wallet
- Trust Wallet
- Blockchain Wallet
- XDeFI Wallet
These wallets are widely used across various cryptocurrency communities, and the impact of this malware could be severe for many cryptocurrency holders.
A Modified Version of Atomic Stealer (AMOS)?
Cado Security suggests that the newly discovered "Cthulhu Stealer" may be a modified version of the previously reported Mac-targeting malware known as "Atomic Stealer."
The report indicates that the developers of Cthulhu Stealer may have altered the code of Atomic Stealer to create this new malware, as they share very similar functionalities and features.
Atomic Stealer has been reported to be sold via Telegram for $1,000 per month.
Recently, there have been further reports that new variants of Atomic Stealer are posing a renewed threat, leading to speculation that several modified versions of the malware may now be circulating.
Cthulhu Stealer Also Available for Rent at $500 Per Month
It's not just Atomic Stealer being rented out to other criminals; Cthulhu Stealer is also reported to be available for rent through Telegram at a monthly fee of $500.
Warnings about malware designed to steal cryptocurrencies are regularly issued by cryptocurrency media, and there is a high likelihood that more modified versions of existing malware will emerge in the future.
This could lead to an even greater spread of harm through rentals and sales, making it crucial for cryptocurrency holders to remain vigilant.
In their latest report, Cado Security stressed the importance of caution when installing software from unofficial sources.
They recommend downloading software from official stores or websites and utilizing security features to avoid falling victim to threats.
Recent reports of fake cryptocurrency wallet apps being released on Apple's App Store further underscore that risks exist even when using Apple products, making it essential for users to exercise extreme caution.
>> For the latest news on scams and more, click here
-
Mac Users Beware: The Renewed Threat of the Cryptocurrency-Stealing Malware "AMOS"
Stay alert, Mac users—new variants of the AMOS malware are targeting cryptocurrency wallets, with sophisticated methods like cloned wallet apps. Learn how to protect your digital assets.
続きを見る