- Cthulhu Stealer: New threat to macOS
- Data stealing methods of Cthulhu Stealer
- Pricing and protection strategies
Cado Security has discovered a new malware called Cthulhu Stealer that targets macOS users and steals cryptocurrency from wallets like MetaMask and Binance.
Cthulhu Stealer: New threat to macOS
Cado Security has debunked the belief that macOS systems are impervious to malware by discovering a new virus called Cthulhu Stealer. This malware targets macOS users by disguising itself as legitimate applications like CleanMyMac and Adobe GenP, as well as an early release of 'Grand Theft Auto VI.'
Data stealing methods of Cthulhu Stealer
Once the malicious DMG file is installed, users enter passwords for the system and MetaMask. The malware then uses osascript to extract passwords from the Keychain. The collected data, including information from wallets like MetaMask, Coinbase, and Binance, is stored in a zip archive identified by the user's country code and the time of the attack. Cthulhu Stealer also targets data from Chrome extension wallets, Minecraft, Wasabi wallet, and other platforms.
Pricing and protection strategies
The developers and affiliates of the malware distribute Cthulhu Stealer through Telegram, renting it out for $500 per month. Marketing and advertising are also conducted through specialized platforms. To protect themselves, users are advised to install antivirus software for macOS, avoid suspicious job offers, and regularly update software.
Cthulhu Stealer highlights the need for enhanced protection of macOS against malware. Users should remain vigilant and adopt modern cybersecurity measures.
