Users of Apple's macOS face a new threat from a piece of malware named "Cthulhu Stealer," which targets Mac users' personal information in order to gain access to their cryptocurrency wallets.
The malware goes after popular crypto wallets such as Binance, MetaMask, and Coinbase to drain victims' holdings. Cybersecurity firm Cado Security published an analysis of Cthulhu Stealer on August 22 with detailed information about the threat.
For years macOS was widely believed to be the most secure desktop operating system and largely immune to malware, but in recent years macOS-targeting malware has become increasingly common.
Cthulhu Stealer is delivered as an Apple disk image (DMG) and poses as an update for legitimate software such as CleanMyMac. When the user opens it, the malware runs osascript, the macOS command-line tool for AppleScript and JavaScript, to display a dialog asking for the user's password.
A second prompt, framed as a password update, asks for the Mac password again, and after that the malware asks the user to enter their crypto wallet password. Once everything has been entered, it notifies the operator of a new log, collects details about the hardware, software, OS version and IP address along with the wallet password, and writes them to a text file.
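The credential-prompt trick described above is something a defender can hunt for: a legitimate app rarely needs osascript to pop a hidden-answer password dialog, and almost never from a binary running off a mounted disk image. The following Python is an added example written for this page, not Cado's code or anything from the stealer itself. The log format (`pid=`, `ppid=`, `image=`, `cmd=` fields), the sample records and the scoring rules are assumptions constructed for the example; `display dialog ... with hidden answer` is the real AppleScript idiom for a password box.

```python
"""Flag macOS process records that look like Cthulhu-style credential prompts.

Heuristics (assumptions for this added example, not Cado's detection rules):
  * osascript invoked with a 'display dialog ... with hidden answer' prompt,
    the AppleScript idiom for a password box, or a dialog whose text talks
    about a password or wallet;
  * such a prompt is rated higher when its parent process runs from a mounted
    disk image (/Volumes/...), which is how the article says the stealer arrives.
"""
import re
from dataclasses import dataclass

PROMPT_RE = re.compile(r"display\s+dialog", re.IGNORECASE)
HIDDEN_RE = re.compile(r"with\s+hidden\s+answer", re.IGNORECASE)
KEYWORD_RE = re.compile(r"password|passphrase|wallet|metamask", re.IGNORECASE)
DMG_RE = re.compile(r"^/Volumes/")

# Constructed process-execution records (hypothetical format, not real EDR output).
SAMPLE_LOG = [
    "2024-08-22T10:00:01Z pid=400 ppid=1 image=/usr/bin/osascript cmd=osascript -e 'display notification \"Build done\"'",
    "2024-08-22T10:01:00Z pid=501 ppid=1 image=/Volumes/CleanMyMac/CleanMyMac cmd=/Volumes/CleanMyMac/CleanMyMac",
    "2024-08-22T10:01:02Z pid=502 ppid=501 image=/usr/bin/osascript cmd=osascript -e 'display dialog \"To update CleanMyMac, enter your password\" default answer \"\" with hidden answer'",
    "2024-08-22T10:01:09Z pid=503 ppid=501 image=/usr/bin/osascript cmd=osascript -e 'display dialog \"Enter your MetaMask password\" default answer \"\" with hidden answer'",
    "2024-08-22T10:05:00Z pid=600 ppid=350 image=/usr/bin/osascript cmd=osascript -e 'display dialog \"Backup finished\" buttons {\"OK\"}'",
]


@dataclass
class Finding:
    pid: int
    severity: str
    reason: str


def parse_record(line):
    """Parse one constructed record; returns None for lines that do not match."""
    m = re.match(r"(\S+)\s+pid=(\d+)\s+ppid=(\d+)\s+image=(\S+)\s+cmd=(.*)$", line)
    if not m:
        return None
    ts, pid, ppid, image, cmd = m.groups()
    return {"ts": ts, "pid": int(pid), "ppid": int(ppid), "image": image, "cmd": cmd}


def analyze(lines):
    """Return a Finding for every osascript dialog that looks like a credential prompt."""
    records = [r for r in (parse_record(l) for l in lines) if r]
    by_pid = {r["pid"]: r for r in records}
    findings = []
    for r in records:
        # Only osascript processes that actually draw a dialog are of interest.
        if not r["image"].endswith("osascript") or not PROMPT_RE.search(r["cmd"]):
            continue
        reasons = []
        if HIDDEN_RE.search(r["cmd"]):
            reasons.append("hidden-answer (password) dialog")
        if KEYWORD_RE.search(r["cmd"]):
            reasons.append("credential/wallet wording")
        if not reasons:
            continue  # a plain informational dialog, e.g. "Backup finished"
        severity = "medium"
        parent = by_pid.get(r["ppid"])
        if parent and DMG_RE.match(parent["image"]):
            reasons.append(f"parent {parent['image']} runs from a mounted disk image")
            severity = "high"
        findings.append(Finding(r["pid"], severity, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"pid {f.pid}: {f.severity.upper()} - {f.reason}")
```

Run as a script it reports only the two prompts spawned by the binary on the mounted DMG (pids 502 and 503) as high severity; the build notification and the "Backup finished" dialog are ignored. The same logic applies to any process-execution telemetry that records the command line and parent image, which is what makes the parent-from-/Volumes check worth keeping alongside the dialog text match.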

“The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including game accounts,” Tara Gould, a Cado researcher, explained.
Cthulhu Stealer's link to Atomic Stealer and recent scams
Gould further explained that Cthulhu Stealer closely resembles Atomic Stealer, a macOS stealer identified in 2023, and suggested that its developer may have taken Atomic Stealer's code, modified it and launched the result as a new product.
Affiliates could rent the malware for $500 per month through the Telegram messaging service, with the main developer taking a percentage of the earnings from successful deployments.
However, a dispute over commission payments led affiliates to accuse the developer of an exit scam, and the malware no longer appears to be active.
Apple has taken note of the growing targeting of its operating systems by malicious programs. On August 6 the company announced a change coming in the next macOS release: users will find it much harder to bypass Gatekeeper, the mechanism that allows only signed and notarized software to run on the system.
In May, Telegram downplayed an exploit that allowed researchers to access the macOS camera through its app, attributing the problem to a weakness in Apple's permission model rather than to Telegram itself.