New macOS Malware Disguised as Trusted Apps to Steal Credentials and Crypto – What You Need to Know

NEWS
26 August 2024
The macOS malware sneaks into systems by pretending to be legitimate software, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP

While Mac users often assume they are less exposed to malware than their Windows counterparts, recent findings suggest otherwise. Security researchers have identified a new information stealer targeting macOS, built specifically to harvest sensitive data, including saved credentials and cryptocurrency wallets.

This newly discovered macOS malware, named Cthulhu Stealer, was identified by Cado Security as a Malware-as-a-Service (MaaS) offering that, once running on a Mac, harvests a wide range of data. Among the stolen information are saved passwords, browser cookies, crypto wallet data, and even details from Telegram accounts.

Initially spotted in late 2023, Cthulhu Stealer was sold on the dark web for a relatively low fee of $500 per month, making it an accessible tool for cybercriminals who want to target Mac users without any exploit development of their own: the stealer relies on tricking the user, not on a software vulnerability.

Cado Security noted that the macOS malware was found being sold on prominent dark web marketplaces known for facilitating the trade of malicious software. These platforms serve as hubs for communication, negotiation, and advertising, where Cthulhu Stealer was actively promoted.

How Cthulhu Stealer Infiltrates Systems

The macOS malware sneaks into systems by pretending to be legitimate software. Some of the programs it impersonates include popular tools like CleanMyMac, Grand Theft Auto IV (likely meant to be VI), and Adobe GenP. Because the fake installer is not notarized by Apple, Gatekeeper, the macOS feature that checks downloaded software before it runs, warns the user when they try to open it. If the user overrides that warning, Cthulhu Stealer displays a dialog asking for the user's system password under the guise of a legitimate software installation. That dialog is drawn by the malware itself, not by macOS: simply opening an application never requires the account password, so a password request that appears right after a Gatekeeper warning has been dismissed is a strong sign that something is wrong. Once the password is entered, the malware uses it to unlock and steal the saved passwords, cookies, and wallet data described above.
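The sequence described above (an app the user ran despite a Gatekeeper warning, followed by a password dialog that the app itself spawns) is something a detection engineer can look for in process telemetry. The following is an added example, not code from the page or from Cado Security's report. It assumes that the fake prompt is produced with the stock `osascript` tool and a `display dialog ... with hidden answer` script (the usual way macOS stealers draw a password box; treat that as an assumption here), and it runs over constructed process events with invented field names (`signer`, `notarized`) standing in for what an EDR or the unified log would provide. The rule flags a hidden-answer dialog only when one of its ancestors is an un-notarized binary launched from a mounted disk image or the Downloads folder, so a notarized Developer ID app that legitimately asks for a secret is not flagged.

```python
"""Detection rule for the fake-password-prompt step of a macOS stealer.

Added example: runs over constructed process-execution events (not real
telemetry) and assumes the prompt is drawn with osascript's
'display dialog ... with hidden answer'. Field names are assumptions.
"""
from dataclasses import dataclass
import re
import shlex


@dataclass
class ProcessEvent:
    pid: int
    ppid: int
    path: str        # executable path
    cmdline: str     # full command line as logged
    signer: str      # "apple", "developer-id", "adhoc" or "unsigned" (assumed field)
    notarized: bool  # passed Apple notarization (assumed field)


# osascript script text that requests a hidden (password-style) answer.
HIDDEN_ANSWER_RE = re.compile(r"display\s+dialog\b.*\bwith\s+hidden\s+answer\b", re.I | re.S)


def is_untrusted_launcher(ev: ProcessEvent) -> bool:
    """Binary run from a mounted DMG or Downloads that Gatekeeper would have warned about."""
    from_user_drop = ev.path.startswith("/Volumes/") or "/Downloads/" in ev.path
    trusted = ev.signer == "apple" or (ev.signer == "developer-id" and ev.notarized)
    return from_user_drop and not trusted


def is_fake_password_prompt(ev: ProcessEvent) -> bool:
    """osascript invoked with a 'display dialog ... with hidden answer' script."""
    if not ev.path.endswith("/osascript"):
        return False
    try:
        argv = shlex.split(ev.cmdline)
    except ValueError:          # unbalanced quotes in the logged command line
        argv = ev.cmdline.split()
    script = " ".join(a for a in argv[1:] if a != "-e")
    return bool(HIDDEN_ANSWER_RE.search(script))


def detect(events, max_depth: int = 4):
    """Return one alert per hidden-answer prompt whose ancestry leads to an untrusted launcher."""
    by_pid = {e.pid: e for e in events}
    alerts = []
    for ev in events:
        if not is_fake_password_prompt(ev):
            continue
        parent, depth = by_pid.get(ev.ppid), 0
        while parent is not None and depth < max_depth:   # walk up through shells/helpers
            if is_untrusted_launcher(parent):
                alerts.append({"pid": ev.pid, "launcher_pid": parent.pid, "launcher": parent.path})
                break
            parent, depth = by_pid.get(parent.ppid), depth + 1
    return alerts


# Constructed sample events (not real telemetry). The malicious chain mimics a
# trojanised "CleanMyMac" opened from a DMG after the Gatekeeper warning was overridden.
FAKE_PROMPT_CMD = (
    "osascript -e 'display dialog \"macOS needs to access System Settings\\n"
    "Please enter your password.\" default answer \"\" with hidden answer with icon caution'"
)
SAMPLE_EVENTS = [
    ProcessEvent(501, 1, "/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder", "Finder", "apple", True),
    ProcessEvent(812, 501, "/Volumes/CleanMyMac/CleanMyMac.app/Contents/MacOS/CleanMyMac", "CleanMyMac", "adhoc", False),
    ProcessEvent(813, 812, "/bin/sh", "sh -c 'osascript ...'", "apple", True),
    ProcessEvent(814, 813, "/usr/bin/osascript", FAKE_PROMPT_CMD, "apple", True),
    # Benign: notarized app from Downloads shows an ordinary dialog (no hidden answer).
    ProcessEvent(900, 501, "/Users/alice/Downloads/Backup Buddy.app/Contents/MacOS/Backup Buddy", "Backup Buddy", "developer-id", True),
    ProcessEvent(901, 900, "/usr/bin/osascript", "osascript -e 'display dialog \"Backup finished\" buttons {\"OK\"}'", "apple", True),
    # Benign: notarized app installed in /Applications legitimately asks for a secret.
    ProcessEvent(950, 501, "/Applications/Vault.app/Contents/MacOS/Vault", "Vault", "developer-id", True),
    ProcessEvent(951, 950, "/usr/bin/osascript", "osascript -e 'display dialog \"Unlock vault\" default answer \"\" with hidden answer'", "apple", True),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(f"ALERT: pid {alert['pid']} shows a password prompt on behalf of {alert['launcher']} (pid {alert['launcher_pid']})")
```

Only the prompt spawned under the un-notarized DMG binary is reported; the two `osascript` calls from notarized Developer ID apps are deliberately left alone, which trades a little recall for far fewer false positives on Macs where legitimate tools use AppleScript dialogs. In a real deployment the signer and notarization fields would come from the EDR's code-signing assessment rather than being hand-written as they are in this sample.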

According to Cado Security, the capabilities of Cthulhu Stealer are strikingly similar to those of Atomic Stealer, a previous macOS malware variant that was sold on Telegram for $1,000 per month. Atomic Stealer could also access keychain passwords, system information, and files on a Mac. This similarity suggests that Cthulhu Stealer might be a modified version of Atomic Stealer.

The Current State and Future Outlook

Fortunately, Cthulhu Stealer's operations appear to have slowed down. Cado Security indicates that the team behind the macOS malware, known as the Cthulhu Team, is no longer active, likely because affiliates who had paid for the service complained that they were not paid what they had been promised.

However, this situation serves as a stark reminder that Apple users are not immune to cyber threats. Cado Security emphasizes the importance of being vigilant and exercising caution when installing software, especially from unofficial sources. They advise users to download software only from trusted sources to minimize the risk of infection.

Looking ahead, the upcoming release of macOS Sequoia this fall aims to bolster security against such threats. The new operating system will require users to go into System Settings to allow software that is not notarized to run, instead of letting them bypass the Gatekeeper warning with a Control-click and a single extra click in the on-screen prompt. This added friction could make it harder for macOS malware like Cthulhu Stealer, which depends on the user overriding that warning, to get a foothold in the future.

By staying informed and cautious, macOS users can protect their data and reduce the risk of falling victim to macOS malware like Cthulhu Stealer.

Copyright ©2024 TechyMenia. All Rights Reserved.