Categories: CryptocurrencyNews

New MacOS Malware Cookieminer Targets Cryptocurrency Exchange and Wallet Accounts by Stealing Cookies

A new malware has surfaced the Cryptosphere which affects Mac users by stealing data from cookies containing login details of Cryptocurrency exchanges and wallets.

The malware dubbed “Cookieminer” has been discovered by Palo Alto Networks’ Unit 42 security research team. Cookieminer is an extension of another malware called OSX.DarthMiner which affects Mac users steals passwords from google chrome, iPhone messages and also iTunes backups on tethered machines.

By stealing SMS details the hackers could bypass two-factor authentication and get full access to the victim’s exchange and/or wallet accounts. The hackers could then use the account imitating the user and transfer funds elsewhere. The malware also installs coin mining software to mine Cryptocurrencies from the victim’s system without them knowing.

The miner configured by the malware is said to mine Japanese privacy based Cryptocurrency called Koto. Blockmanity recently reported that only 4.3% of all Monero is mined by Malware bots.

A blog post from Palo Alto networks highlights the capabilities of the malware:

  • Steals Google Chrome and Apple Safari browser cookies from the victim’s machine
  • Steals saved usernames and passwords in Chrome
  • Steals saved credit card credentials in Chrome
  • Steals iPhone’s text messages if backed up to Mac
  • Steals cryptocurrency wallet data and keys
  • Keeps full control of the victim using the EmPyre backdoor
  • Mines cryptocurrency on the victim’s machine

Alex Hinchliffe, threat intelligence analyst at Palo Alto Networks’ Unit 42 research division told ZDNet:

“What it wants to do in combination with credentials which it’s harvested is impersonate that user from their own system, So they use the cookies to try and get past that initial login without suspicion.”

Mac Users are advised to keep an eye on their security settings and check their exchange and wallet accounts to verify if the funds are safe. It is best practice in the Cryptosphere to keep large amounts of Crypto in cold storage Hardware wallets instead of exchanges or hot wallets.


Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity

Did you like the news you just read? Please leave a feedback to help us serve you better

Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.

Shrikar Parashar

Shrikar is a Blockchain evangelist. He is a die-hard fan of security tokens. He follows the market closely but does not trade. He believes in Hodling.

Share
Published by
Shrikar Parashar

Recent Posts

Bullish Signals for Sui Blockchain: Top SUI meme projects of 2024

Macro guru and Real Vision CEO Raoul Pal shone the spotlight on a rising layer-1…

2 months ago

AI Companions: A New Era of Digital Relationships and Virtual Experiences

As the technology landscape transforms at lightning speed, AI Companions has positioned itself as a…

2 months ago

zkCross Network: Simplifying DeFi Complexity and Achieving Fundraising Success

Did you know that 85% of DeFi value is concentrated in six blockchains?  DeFi is…

2 months ago

Don’t Miss Out: Get $CLP Tokens in the Exclusive RWA IDO Now!

CLAPART - a groundbreaking RWA platform has launched its much-anticipated $CLP token IDO on Gempad…

3 months ago

Step into the Future of Web3 at Blockchain Futuristic Conference 2024, August 13-14

Join us at BFC 2024 to explore the future of Web3. Use a special discount…

4 months ago

WebX Asia 2024: Web3 Innovation Ignites in Tokyo

Catch all the updates with Altcoin Observer, official media partner of WebX Asia 2024. Gear…

4 months ago