Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...
Cybersecurity firm Cado Security has warned Apple Mac users regarding a new malware variant named “Cthulhu Stealer,” which is designed to steal personal information and target cryptocurrency wallets.
In a recent report, Cado Security highlighted the growing threat to macOS users.
“While MacOS has a reputation for being secure, macOS malware has been trending up in recent years,” the firm stated.
The Cthulhu Stealer malware masquerades as legitimate software, such as CleanMyMac or Adobe GenP, appearing in the form of an Apple disk image (DMG).
Once users download and open this file, they are prompted to enter their password through macOS’s command-line tool, which runs AppleScript and JavaScript.
After the initial password is entered, the malware prompts for a second password, specifically targeting the Ethereum wallet MetaMask.
Recently, Cado Security has identified a malware-as-a-service (MaaS) targeting macOS users named “Cthulhu Stealer”. This blog will explore the functionality of this malware and provide insight into how its operators carry out their activities: https://t.co/nJCt6RnUfG
Other popular crypto wallets, including those from Coinbase, Wasabi, Electrum, Atomic, Binance, and Blockchain Wallet, are also at risk.
Once Cthulhu Stealer gains access, it stores the stolen data in text files and proceeds to fingerprint the victim’s system, collecting information such as IP address and operating system version.
“The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores,