Crypto Gloom

‘Cthulhu Stealer’ Malware Targets MetaMask and Other Cryptocurrency Wallets on Apple Mac Devices


A new malware variant called “Cthulhu Stealer” is targeting Apple Mac users and can extract personal information and access many cryptocurrency wallets, including MetaMask.

The new malware appears as an Apple Disk image and disguises itself as legitimate applications such as CleanMyMac and Adobe GenP.


Cthulhu Stealer Asks Mac Users to Enter MetaMask Password

Mac users who open the malicious Apple Disk image are first prompted to enter their system password. A second prompt then asks the user to enter the password for their MetaMask wallet.

Cthulhu Stealer also targets other popular wallets that may be installed on a user’s device, such as Coinbase, Wasabi, and Electrum. Binance, Atomic, and Blockchain wallets are also at risk.

After saving the stolen data to a text file, the malware also extracts information such as the device’s IP address and operating system.

Similarities Between the New Malware and Atomic Stealer, Discovered in 2023

In a recent blog post, cybersecurity firm Cado Security compared Cthulhu Stealer to Atomic Stealer, a malware discovered in 2023. Both are designed to steal cryptocurrency wallet information, browser credentials, and keychain information.

“The functionality and features of Cthulhu Stealer are very similar to Atomic Stealer, making it likely that the developers of Cthulhu Stealer took Atomic Stealer and modified its code,” a researcher from Cado Security said in a blog post. The researcher added that both malware contain the same spelling errors in their prompts.

Cthulhu Stealer is being rented out to affiliates on Telegram for $500 per month. The malware’s lead developer also receives a percentage of the revenue generated from every successful deployment.

However, the scammers who created the malware appear to no longer be active, as they have been accused of committing affiliate fraud through payment disputes.
