New macOS Malware ‘Cthulhu Stealer’ Is Stealing Personal Information & Targeting Crypto Wallets
- A new strain of malware, ‘Cthulhu Stealer’, was discovered by cybersecurity firm Cado Security on August 22.
- It's designed to steal personal information and target cryptocurrency wallets, such as MetaMask, Coinbase, Wasabi, etc.
- The worst part is that it disguises itself as a legitimate app, making detection harder.
Attention Apple users! Y'all need to be wary of a new strain of malware called "Cthulhu Stealer," which is designed to target crypto wallets and steal personal information.
The discovery was made by a cybersecurity firm called Cado Security on August 22. "While MacOS has a reputation for being secure, macOS malware has been trending up in recent years," it said in a detailed report.
About the Malware
What makes this malware so hard to detect is its ability to disguise itself as legitimate software, such as CleanMyMac, Adobe GenP, or even GTA IV, and appear in the form of an Apple disk image (DMG).
When a user unknowingly opens this software, they're asked to enter their password. After the first password is entered, the malware asks for a second password that's connected to the Ethereum wallet MetaMask.
Once the malware has complete access, it steals the user's data, stores it in text files, and then proceeds to collect other sensitive information, such as their IP address and OS version.
Note: MetaMask isn't the only crypto wallet Cthulhu Stealer can compromise. Other wallets like Atomic, Binance, Wasabi, Electrum, Coinbase, and Blockchain Wallet are equally at risk.
About the Origin of ‘Cthulhu Stealer’ Malware
Not much is known about the origin or the author of the malware. However, Tara Gould, a researcher at Cado Security, said that it's similar to another malware called Atomic Stealer, which was discovered in 2023.
Like Cthulhu, Atomic Stealer, too, targeted Apple computers. In fact, Gould believes that Cthulhu is probably a modification of the Atomic Stealer.
Speaking of the developers, there's not much news there, either. Apparently, they were renting out the malware to other threat actors for $500 per month through Telegram, and then the profit was shared among the partners involved.
However, after a recent dispute over payments, the main developer disappeared. Some folks are even hinting at an exit scam, but nothing can be said for sure.
How to Protect Yourself from ‘Cthulhu Stealer’?
The good news is that Apple has acknowledged the growing threat of malware in Apple devices and promised to add a security update in the upcoming macOS version.
Meanwhile, users are recommended to install antivirus software, keep it up-to-date, and refrain from downloading unverified apps and files.
Also, make sure your device's operating system is updated to the latest version so that known vulnerabilities are patched.
The post New macOS Malware ‘Cthulhu Stealer’ Is Stealing Personal Information & Targeting Crypto Wallets appeared first on The Tech Report.