New MacOS Malware Cookieminer Targets Cryptocurrency Exchange and Wallet Accounts by Stealing Cookies

A new malware has surfaced the Cryptosphere which affects Mac users by stealing data from cookies containing login details of Cryptocurrency exchanges and wallets.

The malware dubbed “Cookieminer” has been discovered by Palo Alto Networks’ Unit 42 security research team. Cookieminer is an extension of another malware called OSX.DarthMiner which affects Mac users steals passwords from google chrome, iPhone messages and also iTunes backups on tethered machines.

By stealing SMS details the hackers could bypass two-factor authentication and get full access to the victim’s exchange and/or wallet accounts. The hackers could then use the account imitating the user and transfer funds elsewhere. The malware also installs coin mining software to mine Cryptocurrencies from the victim’s system without them knowing.

The miner configured by the malware is said to mine Japanese privacy based Cryptocurrency called Koto. Blockmanity recently reported that only 4.3% of all Monero is mined by Malware bots.

A blog post from Palo Alto networks highlights the capabilities of the malware:

• Steals Google Chrome and Apple Safari browser cookies from the victim’s machine
• Steals saved usernames and passwords in Chrome
• Steals saved credit card credentials in Chrome
• Steals iPhone’s text messages if backed up to Mac
• Steals cryptocurrency wallet data and keys
• Keeps full control of the victim using the EmPyre backdoor
• Mines cryptocurrency on the victim’s machine

Alex Hinchliffe, threat intelligence analyst at Palo Alto Networks’ Unit 42 research division told ZDNet:

“What it wants to do in combination with credentials which it’s harvested is impersonate that user from their own system, So they use the cookies to try and get past that initial login without suspicion.”

Mac Users are advised to keep an eye on their security settings and check their exchange and wallet accounts to verify if the funds are safe. It is best practice in the Cryptosphere to keep large amounts of Crypto in cold storage Hardware wallets instead of exchanges or hot wallets.

Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity

Did you like the news you just read? Please leave a feedback to help us serve you better

Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.