A new strain of malware, named Cthulhu Stealer, is posing a serious threat to Apple Mac users, specifically targeting cryptocurrency wallets and personal data. The malware, disguised as legitimate applications like CleanMyMac and Adobe GenP, tricks users into downloading it.
Increased Threat to macOS Systems
Cybersecurity firm Cado Security has highlighted the growing risk of malware targeting macOS systems. Historically regarded as more secure than other operating systems, macOS is now facing increased malware threats. According to Cado Security, this shift is notable as macOS was once considered relatively immune to such attacks.
How Cthulhu Stealer Operates
Cthulhu Stealer is distributed as an Apple disk image (DMG) file. Once the file is opened, it utilizes macOS’s command-line tools to request user passwords. After gaining access to the system, the malware seeks permission to access cryptocurrency wallets, including popular ones like MetaMask, Coinbase, Binance, and Blockchain Wallet.
The malware collects sensitive information, which includes credentials, cryptocurrency wallet details, and even gaming accounts. This data is saved in text files, containing information such as IP addresses and operating system versions. Tara Gould, a researcher at Cado Security, notes that Cthulhu Stealer’s primary function is to gather these types of credentials and information.
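The behavior described above (an app launched from a mounted disk image that uses a command-line tool to ask for the user's password) can be hunted for in process-execution telemetry. The following is an added example, not code from Cado Security or from the original article; it assumes the command-line tool is `osascript` showing an AppleScript dialog with a hidden answer field, which the article does not name, and the event fields, paths, weights and threshold are all hypothetical.

```python
import os
import re

# Constructed process-execution events (not real telemetry); field names are hypothetical.
SAMPLE_EVENTS = [
    {"pid": 501, "parent": "/Volumes/Installer/Setup.app/Contents/MacOS/Setup",
     "cmd": 'osascript -e \'display dialog "Enter your password" default answer "" with hidden answer\''},
    {"pid": 502, "parent": "/Applications/Utilities/Script Editor.app/Contents/MacOS/Script Editor",
     "cmd": 'osascript -e \'display dialog "Backup finished" buttons {"OK"}\''},
    {"pid": 503, "parent": "/Users/alice/Downloads/tool.app/Contents/MacOS/tool",
     "cmd": '/usr/bin/osascript -e \'display dialog "Enter your password" default answer "" with hidden answer\''},
    {"pid": 504, "parent": "/bin/zsh", "cmd": "ls -la /Volumes"},
    {"pid": 505, "parent": "/Applications/VPN Client.app/Contents/MacOS/VPN Client",
     "cmd": 'osascript -e \'display dialog "Admin password" default answer "" with hidden answer\''},
]

# AppleScript dialog that masks typed input, i.e. a password-style prompt.
HIDDEN_PROMPT = re.compile(r"display\s+dialog.*hidden\s+answer", re.I | re.S)
# Parent locations treated as untrusted in this example (assumption; tune per fleet).
UNTRUSTED_PARENT = [
    ("/Volumes/", 2, "parent runs from a mounted volume (e.g. an opened DMG)"),
    ("/Downloads/", 1, "parent runs from Downloads"),
    ("/private/tmp/", 1, "parent runs from a temp directory"),
]

def score_event(event):
    """Return (score, reasons) for one process-execution event."""
    cmd = event.get("cmd", "")
    tokens = cmd.split()
    if not tokens or os.path.basename(tokens[0]) != "osascript":
        return 0, []
    if not HIDDEN_PROMPT.search(cmd):
        return 0, []
    score, reasons = 2, ["osascript dialog with hidden answer field"]
    parent = event.get("parent", "")
    for marker, weight, why in UNTRUSTED_PARENT:
        if marker in parent:
            score += weight
            reasons.append(why)
    return score, reasons

def find_suspicious(events, threshold=3):
    """Flag events whose score reaches the threshold (prompt plus untrusted parent)."""
    scored = [(ev["pid"],) + score_event(ev) for ev in events]
    return [{"pid": p, "score": s, "reasons": r} for p, s, r in scored if s >= threshold]

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_EVENTS):
        print(hit)
```

A hidden-answer prompt on its own scores below the threshold because legitimate installed software can show one; it is the combination with an untrusted parent location that raises the alert.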
Connections to Previous Malware
Cthulhu Stealer bears similarities to Atomic Stealer, a malware identified in 2023. This resemblance suggests that the developers of Cthulhu Stealer may have adapted the code used in Atomic Stealer. The malware was being rented out for $500 per month via Telegram, with profits shared among affiliates. However, internal disputes among the scammers reportedly led to accusations of an exit scam, causing the operation to become inactive.