Kaspersky urges MacOS customers to be cautious, avoid doubtful web sites, and make use of dependable cybersecurity measures in response to a brand new malware focusing on MacOS variations 13.6 and better.
The malware, found by the cybersecurity agency, is especially harmful because it goals to deceive Bitcoin and Exodus pockets customers into downloading a pretend, malicious model of their software program.
In line with Kaspersky, the newly found malware spreads by means of pirated purposes, diverging from normal proxy trojans or distant management software program by particularly focusing on pockets purposes.
“Cybercriminals […] notice that a person on the lookout for a cracked app might be keen to obtain an installer from a questionable web site and disable safety on their machine, and so they are going to be pretty simple to trick into putting in malware as nicely.”
The Trojan in query stands out by utilizing DNS information to ship a malicious Python script, a technique unseen in earlier assaults.
Remarkably, this malware doesn’t simply steal crypto pockets knowledge; it replaces the precise pockets software with a counterfeit model. This enables the attackers to achieve entry to the key phrases wanted to entry the cryptocurrencies saved inside these wallets.
The risk is reported to focus on macOS variations 13.6 and above, no matter whether or not they’re working on Intel or Apple Silicon {hardware}.
Sergey Puzan, a safety researcher at Kaspersky, notes the revolutionary method of hiding a Python script inside a DNS server’s document, which makes the malware more durable to detect in community visitors. He advises customers to train excessive warning with their cryptocurrency wallets, recommending downloading from trusted sources just like the Apple App Retailer, protecting working methods up to date, and using safety options as key practices to reduce danger.
The newest malware risk is a component of a bigger development of accelerating cyber-attacks focused on cryptocurrency. As an example, North Korean hackers have been utilizing subtle deception ways, together with impersonating journalists and government agencies, to achieve entry to Bitcoin wallets.
In an incident reported by crypto.information in November 2023, these hackers managed to deceive 19 victims, resulting in important theft of cryptocurrencies.
Moreover, in June of the identical 12 months, Elliptic Join reported that the Lazarus group, tied to North Korea, stole over $35 million in numerous cryptocurrencies, together with USDT, XRP, Cardano, and Dogecoin, from customers of Atomic Pockets.