[SlowMist Yuxian: Users need to be wary of the latest macOS Trojans that can steal encrypted wallets and sensitive information] On September 10, Yuxian, the founder of SlowMist, said that in the Trojan attack software recently released by Eastern European hackers for macOS, once the Trojan is run (the running error you see is fake...), it will automatically steal your cookies, auto-fill information, password information, and the mnemonics/private key files locally encrypted in the extended wallet saved by each browser. There is also information in the macOS Keychain, which is likely to contain your various passwords. Plus some other sensitive information. From our past emergency cases, whether it is this type of Trojan on macOS or Win, once it occurs, the attacker's steps are generally as follows: 1. Decrypt the mnemonics/private key files locally encrypted in the extended wallet. Some passwords are locally available, and some are brute-force, so some people's wallet assets were stolen after a few days. If the target wallet has too little assets, it will be hidden and stolen automatically one day; 2. The account permissions saved by the browser, such as X, trading platforms, etc., are hacked; 3. Telegram, Discord, etc. are hacked. Therefore, once you are hacked, deal with these first, and then disinfect or reinstall to restore.
