New Malware Uses Pirated Apps On MacOS To Hijack Crypto Wallets
Latest News News

New Malware Uses Pirated Apps On MacOS To Hijack Crypto Wallets

Kaspersky Labs has found new malware that enters macOS users’ computers through pirated apps and replaces their hot Bitcoin and Exodus wallets with infected versions. 

According to the researchers, the hackers are still developing the malware in preparation for a new campaign.

Researchers uncovered a “family” of new trojan proxies in December. Hackers were compromising, or “cracking,” legitimate apps that users downloaded the app unauthorized sources along with the malware:

“Cybercriminals […] realize that an individual looking for a cracked app will be willing to download an installer from a questionable website and disable security on their machine, and so they will be fairly easy to trick into installing malware as well.”

The malware targets macOS versions 13.6 and above. 

See Also: Evernode, Built On XRP Ledger, Encounters Node Glitch Shortly After Launch

The hackers gain access to a user’s computer security password when the user enters it into an activator box and to the private keys to crypto wallets when the user tries to open crypto wallets compromised by the malware.

The malware itself was being written as researchers traced it, they observed. Although the method is basic, the malware itself was “seriously ingenious,” the researchers said. 

As a result:

“The final payload was a backdoor that could run any scripts with administrator privileges, and replace Exodus and Bitcoin cryptowallet applications installed on the machine with infected versions that stole secret recovery phrases the moment the wallet was unlocked.”

The unfolding malware campaign can be avoided by using trusted websites, keeping the computer’s operating system updated and using a security solution on it, Kaspersky reminded.

Other techniques used by hackers include disguising malware as a legitimate wallet on online stores or fake websites. 

That activity has become so common that the United States Federal Bureau of Investigation issued a warning about it.

In November, the North Korean Lazarus Group of hackers created malware that targeted macOS users in the decentralized finance community that circulated in Discord groups.

Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.