A new strain of malware targeting Apple macOS users has been discovered, specifically targeting the crypto community and engineers. The malware, dubbed Candycorn, is capable of data recovery, directory listing, file upload/download, secure deletion, process termination, and command execution.
The malware is spread through social engineering attacks, with attackers impersonating community members in Discord channels and tricking victims into downloading a malicious ZIP archive called "Cross-platform Bridges.zip". This archive contains a Python-based script that installs malware on the victim's computer.
Once installed, KandyKorn can be used to steal cryptocurrency wallets, private keys, and other sensitive information. It can also be used to execute arbitrary commands on the victim's computer, which can allow attackers to take complete control of the system.
This malware is a serious threat to the crypto community and engineers, as it can allow attackers to steal their valuable assets and gain access to their systems. It's important to be aware of the danger and take steps to protect yourself, such as:
Avoid downloading attachments or clicking on links from unknown senders.
Keeping your software up to date, including your operating system, security software, and web browser.
Using strong passwords and two-factor authentication for all your online accounts.
Storing your cryptocurrency assets in secure wallets.
If you believe your computer is infected with KandyKorn, you should immediately scan it with a reputable antivirus program. If malware is detected, you must remove it immediately and change all your passwords.
Here are some additional tips to protect yourself from malware:
Beware of public Wi-Fi networks.
Do not use pirated software.
Back up your data regularly.
Be careful about the information you share online.
By following these tips, you can help protect yourself from malware and other cyber threats
#CryptoNews🔒📰🚫 #Web3Wallet #etf #hack #HackerAlert $USDC $BUSD $BTC
