New macOS Malware 'Cthulhu Stealer' Targets Crypto Wallets, Sensitive Data

Published: Aug 26, 2024 | Last Updated: Aug 26, 2024
Howard Kane

Security researchers warn of a dangerous malware posing as legitimate apps, stealing passwords and cryptocurrency wallets from macOS users.

Security researchers have recently discovered a new macOS malware named "Cthulhu Stealer" that poses significant risks to users by disguising itself as legitimate applications. This malware is particularly dangerous as it targets sensitive data, including passwords and cryptocurrency wallets. Here's what you need to know to stay safe.

What is Cthulhu Stealer?

Cthulhu Stealer is a type of malware-as-a-service (MaaS) that specifically targets macOS users. It is sold for $500 a month and can infect both Intel and Apple Silicon Macs. The malware is distributed through disk image files, which are commonly used to install legitimate applications on macOS.

Once installed, Cthulhu Stealer can bypass macOS's Gatekeeper security feature, allowing it to access sensitive information stored on the device. This includes data from iCloud Keychain, web browser cookies, and even Telegram account information.

How Does It Work?

The malware tricks users into downloading and installing it by posing as legitimate applications. It often uses fake job offers to lure victims, convincing them to download software that appears to be necessary for the job. Once the software is installed, the malware gains access to the system's Keychain, where it can steal passwords and other sensitive data.

In addition to passwords, Cthulhu Stealer targets cryptocurrency wallets such as MetaMask, Coinbase, and Binance. It can steal cryptocurrency by accessing the wallet information stored on the device.

Why macOS Users Should Be Concerned

There is a common misconception that macOS systems are immune to malware. However, the discovery of Cthulhu Stealer challenges this belief. The malware's ability to bypass macOS's built-in security features highlights the need for additional precautions.
