PANews reported on August 26 that, according to Cointelegraph, Apple Mac users face a new security threat: the "Cthulhu Stealer" malware, which targets users' sensitive information and cryptocurrency wallets. Cybersecurity firm Cado Security has issued an urgent warning, noting that despite macOS's long-standing reputation for security, malware activity targeting Macs has risen significantly in recent years.
"Cthulhu Stealer" disguises itself as a disk image (DMG) file of popular software such as CleanMyMac and Adobe GenP to trick users into downloading and executing it. Once it is running, the malware uses macOS's command-line tools to execute AppleScript and JavaScript scripts, first tricking the user into entering the system password and then asking for the password of the Ethereum wallet MetaMask. It reportedly also targets other popular crypto wallets, including those from Coinbase, Wasabi, Electrum, Atomic, Binance, and Blockchain Wallet.
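
Defenders can look for this prompting behaviour in process-execution telemetry. The following is an added example, not code from Cado Security or the original report: it flags invocations of `osascript` (the macOS command-line tool that runs AppleScript and JavaScript) that show a hidden-input dialog or are launched from a mounted volume. The event layout, sample lines and scoring thresholds are constructed assumptions.

```python
import os
import re
import shlex

# Constructed (parent image path, child command line) events; not from the report.
SAMPLE_EVENTS = [
    ("/Volumes/CleanMyMac/Installer.app/Contents/MacOS/Installer",
     "osascript -e 'display dialog \"Enter your password to continue\" "
     "default answer \"\" with hidden answer'"),
    ("/Volumes/Setup/Setup.app/Contents/MacOS/Setup",
     "osascript -l JavaScript -e 'var app = Application.currentApplication()'"),
    ("/System/Applications/Utilities/Script Editor.app/Contents/MacOS/Script Editor",
     "osascript -e 'display notification \"Backup finished\"'"),
    ("/usr/bin/python3", "/bin/ls -la /tmp"),
]

# AppleScript dialog that masks typed input, i.e. a password-style prompt.
PROMPT = re.compile(r"display dialog.*hidden answer", re.I | re.S)
# Lure words taken from the behaviour described above (system / MetaMask password).
LURE = re.compile(r"password|metamask", re.I)


def assess(parent, cmdline):
    """Return the reasons an event looks like a scripted credential prompt."""
    argv = shlex.split(cmdline)
    if not argv or os.path.basename(argv[0]) != "osascript":
        return []
    script = " ".join(argv[1:])
    reasons = []
    # /Volumes/ is where disk images mount (external drives mount there too).
    if parent.startswith("/Volumes/"):
        reasons.append("parent runs from a mounted volume")
    if PROMPT.search(script):
        reasons.append("dialog with hidden input")
    if LURE.search(script):
        reasons.append("prompt text mentions a password or wallet")
    return reasons


def triage(events):
    """Label osascript events: 'high' for two or more reasons, 'review' for one."""
    results = []
    for parent, cmdline in events:
        reasons = assess(parent, cmdline)
        if reasons:
            results.append(("high" if len(reasons) >= 2 else "review", reasons))
    return results


if __name__ == "__main__":
    for level, reasons in triage(SAMPLE_EVENTS):
        print(level, "; ".join(reasons))
```
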
After the attack, "Cthulhu Stealer" stores the stolen data in local text files and fingerprints the victim's system, collecting key information including the IP address and operating system version. Cado Security researcher Tara Gould pointed out that the main purpose of the software is to steal various online store account credentials and cryptocurrency assets. However, the scammers behind the malware are said to be no longer active.