• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

New Cthulhu Stealer Malware Threatens Mac Users, Including Crypto Wallets

user avatar

by Giorgi Kostiuk

2 years ago

  1. How Cthulhu Stealer Works?
  2. Similarities with Other Malware
  3. Current Situation with Cthulhu Stealer


    4. A new strain of malware named Cthulhu Stealer is targeting Apple Mac users, capable of extracting personal information and accessing crypto wallets.

    How Cthulhu Stealer Works?

    The new malware appears as an Apple Disk image, disguising itself as legitimate applications like CleanMyMac or Adobe GenP. Users who open the malicious file are prompted to enter their system’s password, followed by a prompt for their MetaMask wallet password. It also targets other popular wallets installed on the device, including Coinbase, Wasabi, Electrum, Binance, Atomic, and Blockchain Wallet. The malware gathers information such as the device’s IP address and operating system, storing the stolen data in text files.

    Similarities with Other Malware

    Cybersecurity firm Cado Security identified similarities between Cthulhu Stealer and a malware called Atomic Stealer discovered in 2023. Both are designed to steal crypto wallet information, browser credentials, and keychain information.

    The functionality and features of Cthulhu Stealer are very similar to Atomic Stealer, indicating the developer of Cthulhu Stealer probably took Atomic Stealer and modified the code.a researcher from Cado Security

    Current Situation with Cthulhu Stealer

    Cthulhu Stealer is being rented out on Telegram to affiliates for $500 per month. The lead developer also takes a percentage of the profits from every successful deployment. However, the scammers behind the malware seem to have become inactive due to disputes over payments, leading to accusations of an exit scam by affiliates.

    The new Cthulhu Stealer malware poses a significant threat to Apple Mac users by stealing personal information and targeting popular crypto wallets. Users are advised to be cautious of suspicious files and not to enter their passwords on dubious sites.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

Iran Launches Bitcoin-Backed Insurance Service Amid War

chest

Iran has introduced a Bitcoin-backed insurance service for shipping in the Strait of Hormuz as it seeks to navigate US sanctions.

user avatarDavid Robinson

US Inflation Rises Amid Ongoing US-Iran War

chest

US inflation rates are climbing to multi-year highs, influenced by the ongoing US-Iran conflict.

user avatarJacob Williams

US-Iran War Continues with Threats of New Strikes

chest

US President Donald Trump threatens new military action against Iran as the US-Iran war approaches three months without a peace deal.

user avatarAndrew Smith

Bankr Confirms Breach and Pledges Reimbursement

chest

Bankr has confirmed a security breach affecting 14 wallets, leading to unauthorized access and significant losses for users. The platform pledged to cover all losses and advised affected users to check for malware.

user avatarSon Min-ho

Austen Allred's Wallet Drained in Bankr Breach

chest

Tech entrepreneur Austen Allred was a victim of a crypto hack that drained his wallet linked to the Kelly Claude AI assistant. The hacker extracted Ether while leaving his memecoin holdings untouched. The incident occurred on May 19, 2026, on the Bankr platform, which allows users to send plain-language instructions to an AI for executing trades. The breach is believed to be a social engineering scheme. Bankr has temporarily shut down all transaction activities and pledged to reimburse all lost funds.

user avatarZainab Kamara

Nostr VPN Introduces Peer-to-Peer Architecture for Enhanced Privacy

chest

Nostr VPN introduces a unique peer-to-peer architecture that enhances privacy by eliminating central servers and allowing users to operate their own exit nodes.

user avatarAyman Ben Youssef

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.