Security researchers have discovered new macOS malware that’s built to steal your most sensitive data. Dubbed ‘Cthulhu Stealer,’ the malware targets users by impersonating popular apps so it can harvest your system password, iCloud Keychain passwords, cryptocurrency wallets, and more.
Cthulhu Stealer malware threat
Cthulhu Stealer has reportedly been available since late 2023 as a $500/month paid service for bad actors. It can be especially effective because of how well it disguises itself as legitimate software.
Ravie Lakshmanan writes for The Hacker News:
“Some of the software programs it impersonates include CleanMyMac, Grand Theft Auto IV, and Adobe GenP, the last of which is an open-source tool that patches Adobe apps to bypass the Creative Cloud service and activates them without a serial key.
Users who end up launching the unsigned file after explicitly allowing it to be run – i.e., bypassing Gatekeeper protections – are prompted to enter their system password… In the next step, a second prompt is presented to enter their MetaMask password. Cthulhu Stealer is also designed to harvest system information and dump iCloud Keychain passwords using an open-source tool called Chainbreaker.
The stolen data, which also comprises web browser cookies and Telegram account information, is compressed and stored in a ZIP archive file, after which it’s exfiltrated to a command-and-control (C2) server.”
According to Lakshmanan, the threat actors behind Cthulhu Stealer are no longer active. However, the software can still do just as much damage in other malicious users’ hands.
Mac users are generally targeted by the hacker community less often than Windows and Linux users. Cthulhu Stealer, however, seems…
read more 9to5mac.com