🐂 Not all bull runs are created equal. November’s AI picks include 5 stocks up +20% eachUnlock Stocks

Red Alert for Mac Crypto Users: Security Firm Sounds Alarm

Published 23/01/2024, 19:15
Red Alert for Mac Crypto Users: Security Firm Sounds Alarm
BTC/USD
-

Coin Edition -

  • Kaspersky discovered a new macOS malware targeting crypto stored in digital wallets.
  • The malware replaces legitimate wallet applications with infected versions.
  • Mac users are warned to download apps from official stores and implement security measures.

In a recent discovery, cybersecurity researchers at Kaspersky have identified a new strain of macOS malware specifically designed to target crypto stored in digital wallets on Apple devices.

According to Kaspersky, this crypto trojan stands out for two distinct reasons. Firstly, it employs DNS records as a means to deliver its malicious Python script. Secondly, it diverges from the conventional approach of merely stealing from crypto wallets; instead, it replaces a wallet application with its infected version. The report noted that this tactic enables the Trojan to extract the secret phrase required to access the crypto stored in the wallets.

Specifically, the malware targets macOS versions 13.6 and above, spanning both Intel and Apple Silicon devices. Kaspersky underscored that the focus category suggests a deliberate priority for users of newer operating systems.

The compromised disk images contain an “activator” alongside the targeted application. This activator, “benign” in appearance, activates the compromised application only after the user unwittingly enters their password.

Meanwhile, the attackers employ pre-compromised application iterations, manipulating the executable files to render them non-functional until the user initiates the activator. This strategic maneuver guarantees that the user inadvertently triggers the compromised application.

Following the patching process, the malware initiates its core payload, with the script persistently attempting to download the subsequent stage of the infection chain. Popular wallets such as Bitcoin and Exodus have been targeted, turning these trusted applications into malicious entities.

Sergey Puzan, a security researcher at Kaspersky, stressed the risks associated with pirated software, stating:

Cybercriminals use pirated apps to easily access users’ computers and get admin privileges by asking them to enter the password.

To safeguard against such Trojans and protect crypto assets, Kaspersky researchers recommend downloading apps exclusively from official stores. While not foolproof, these platforms undergo some level of scrutiny.

Additionally, users are advised to install trusted security solutions, regularly update their operating systems and apps, secure their seed phrases, and use strong, unique passwords.

The post Red Alert for Mac Crypto Users: Security Firm Sounds Alarm appeared first on Coin Edition.

Read more on Coin Edition

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers
© 2007-2024 - Fusion Media Limited. All Rights Reserved.