“Cthulhu Stealer” Malware Targets MetaMask And Other Crypto Wallets On Apple Mac Devices

Join Our Telegram channel to stay up to date on breaking news coverage

A new strain of malware by the name of “Cthulhu Stealer” is targeting Apple Mac users and can extract personal information as well as gain access to many crypto wallets including MetaMask.

The new malware appears as an Apple Disk image and disguises itself as a legitimate application such as CleanMyMac and Adobe GenP.

Phishing Scam Targeting MetaMask Crypto Wallet Holders Nets $650,000; Default Settings Stored Seed Phrases in iCloud - CPO Magazine

Cthulhu Stealer Prompts Mac Users To Enter Their MetaMask Password

Mac users who open the malicious Apple Disk image are first prompted to enter their system’s password. Thereafter, a second prompt asks users to enter the passphrase for their MetaMask wallets. 

Cthulhu Stealer also targets other popular wallets that may be installed on the users’ device. Wallets such as those from Coinbase, Wasabi, Electrum, Binance, Atomic and Blockchain Wallet are all at risk.

Information such as the device’s IP address and operating system are also extracted by the malware once it has stored the stolen data in text files.

Similarities Between The New Malware And The Atomic Stealer Identified In 2023

Cybersecurity firm Cado Security drew comparisons between Cthulhu Stealer and a malware that was identified in 2023 called Atomic Stealer in a recent blog post. Both malwares are designed to steal crypto wallet information, browser credentials and keychain information.

“The functionality and features of Cthulhu Stealer are very similar to Atomic Stealer, indicating the developer of Cthulhu Stealer probably took Atomic Stealer and modified the code,” said a researcher from Cado Security in the blog post. Both malwares even include the same spelling mistakes in their prompts, the researcher added.

Cthulhu Stealer is being rented out on Telegram to affiliates for $500 per month. The lead developer of the malware also gets a percentage of the profits from every successful deployment.

However, scammers behind the malware seem to no longer be active due to disputes over payments that have led to accusations of an exit scam by affiliates.

Related Articles:

PlayDoge (PLAY) – Newest ICO On BNB Chain

PlayDogePlayDoge
  • 2D Virtual Doge Pet
  • Play To Earn Meme Coin Fusion
  • Staking & In-Game Token Rewards
  • SolidProof Audited – playdoge.io

PlayDogePlayDoge


Join Our Telegram channel to stay up to date on breaking news coverage


Credit: Source link

Comments are closed.

Please enter CoinGecko Free Api Key to get this plugin works.