Recently, Kaspersky Lab discovered a new type of malicious software that specifically targets macOS users. This software, distributed through unlicensed versions of programs, is capable of replacing genuine Bitcoin and Exodus hot wallets with infected copies.

This tactic allows hackers to steal passwords and private keys of cryptocurrency wallets. Versions of macOS 13.6 and newer are particularly vulnerable. The malicious software is constantly modified, making it difficult to detect and eliminate. It can install backdoors that provide administrative access and replace legitimate applications with infected versions that steal secret phrases when unlocking wallets.

Experts emphasize the importance of using reliable sources for downloading software, regularly updating operating systems, and implementing protective measures to prevent such attacks. They also point out the common practice of hackers disguising malicious software as real wallets in online stores or on fake websites.

This issue has become so serious that even the Federal Bureau of Investigation in the United States has issued a corresponding warning. In November last year, the North Korean hacker group Lazarus used similar methods to attack macOS users in the DeFi community on Discord.