Apple Mac users are facing a new cybersecurity threat with the emergence of a malicious software strain known as “Cthulhu Stealer,” which has been designed to steal personal information and target cryptocurrency wallets. This malware raises concerns about the growing vulnerability of macOS systems, which have long been perceived as more secure compared to other operating systems.

On August 22, cybersecurity firm Cado Security issued a warning about the Cthulhu Stealer malware, noting that it exploits a long-standing belief that macOS systems are largely immune to such attacks.

How Does the Attack Happen?

Cthulhu Stealer disguises itself as a legitimate Apple disk image (DMG), masquerading as trusted software such as CleanMyMac and Adobe GenP. Once a user opens the file, the malware uses the macOS command-line tool to execute AppleScript and JavaScript, prompting the user to enter their system password.

After the password is entered, the malware then requests the password for the popular Ethereum wallet MetaMask, signaling its intent to target cryptocurrency assets. Beyond MetaMask, the malware also seeks to compromise other well-known crypto wallets, including those associated with Coinbase, Wasabi, Electrum, Atomic, Binance, and Blockchain Wallet.
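One way to hunt for the password-prompt behaviour described above, added here as an example and not taken from Cado Security's report: it flags runs of `osascript` (the macOS tool that executes AppleScript and JavaScript) that display a hidden-answer dialog, and raises severity when the parent process runs from a mounted disk image under `/Volumes/`. The event schema, process names and sample events are constructed for illustration.

```python
import json
import re

# Constructed process-execution events (hypothetical schema), one JSON object per line.
SAMPLE_EVENTS = r"""
{"pid": 410, "ppid": 1, "path": "/Volumes/CleanMyMac/CleanMyMac.app/Contents/MacOS/CleanMyMac", "args": []}
{"pid": 411, "ppid": 410, "path": "/usr/bin/osascript", "args": ["-e", "display dialog \"Enter your password\" default answer \"\" with hidden answer"]}
{"pid": 500, "ppid": 1, "path": "/Applications/Notes.app/Contents/MacOS/Notes", "args": []}
{"pid": 501, "ppid": 500, "path": "/usr/bin/osascript", "args": ["-e", "tell application \"Finder\" to activate"]}
{"pid": 600, "ppid": 1, "path": "/Applications/Helper.app/Contents/MacOS/Helper", "args": []}
{"pid": 601, "ppid": 600, "path": "/usr/bin/osascript", "args": ["-l", "JavaScript", "-e", "app.displayDialog('Password', {defaultAnswer: '', hiddenAnswer: true})"]}
"""

# Matches both AppleScript ("display dialog ... with hidden answer")
# and JavaScript for Automation ("displayDialog(... hiddenAnswer: true)").
HIDDEN_PROMPT = re.compile(r"display\s*dialog.*hidden\s*answer", re.I | re.S)


def find_password_prompts(raw_events):
    """Return osascript executions that show a masked input dialog."""
    events = [json.loads(line) for line in raw_events.splitlines() if line.strip()]
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        if not e["path"].endswith("/osascript"):
            continue
        if not HIDDEN_PROMPT.search(" ".join(e["args"])):
            continue  # osascript used for something other than a masked prompt
        parent_path = by_pid.get(e["ppid"], {}).get("path", "")
        # An app still running from a mounted disk image was never installed:
        # combined with a password prompt, that is the pattern in the article.
        from_dmg = parent_path.startswith("/Volumes/")
        findings.append({
            "pid": e["pid"],
            "parent": parent_path,
            "severity": "high" if from_dmg else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in find_password_prompts(SAMPLE_EVENTS):
        print(finding)
```

This is a heuristic: a match is a lead for review, and real telemetry would also need to handle PID reuse and missing parent records.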

Primary Motive

The stolen information is then stored in text files, allowing the malware to fingerprint the victim’s system and gather additional data such as IP addresses and the operating system version. “The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including game accounts,” explained Tara Gould, a researcher at Cado Security.

Gould also noted the similarities between Cthulhu Stealer and another piece of malware called Atomic Stealer, which targeted Apple computers in 2023. This resemblance suggests that the developer behind Cthulhu Stealer may have taken Atomic Stealer’s code and made modifications to create this new threat.

The malware was reportedly being rented out to affiliates for $500 per month through the Telegram messaging platform. The developer and affiliates would then share profits from successful deployments. However, recent disputes over payments have led to accusations of an exit scam by the affiliates, raising doubts about the continued activity of the malware’s creators.

Apple’s Response

In response to the increasing threat of malware targeting its systems, Apple has taken steps to bolster its defenses. On August 6, the tech giant announced an update to its next-generation macOS version, making it more difficult for users to bypass Gatekeeper protections. These protections are designed to ensure that only trusted applications are allowed to run on the system.

Apple is well known for its trustworthiness and technical advancements. However, in April last year, it removed the Bitcoin white paper in an operating system update.

The post New “Cthulhu Stealer” Malware Targets Apple Mac Users: Details appeared first on TheCoinrise.com.