A new malware has surfaced the Cryptosphere which affects Mac users by stealing data from cookies containing login details of Cryptocurrency exchanges and wallets.
The malware dubbed “Cookieminer” has been discovered by Palo Alto Networks’ Unit 42 security research team. Cookieminer is an extension of another malware called OSX.DarthMiner which affects Mac users steals passwords from google chrome, iPhone messages and also iTunes backups on tethered machines.
By stealing SMS details the hackers could bypass two-factor authentication and get full access to the victim’s exchange and/or wallet accounts. The hackers could then use the account imitating the user and transfer funds elsewhere. The malware also installs coin mining software to mine Cryptocurrencies from the victim’s system without them knowing.
The miner configured by the malware is said to mine Japanese privacy based Cryptocurrency called Koto. Blockmanity recently reported that only 4.3% of all Monero is mined by Malware bots.
A blog post from Palo Alto networks highlights the capabilities of the malware:
Alex Hinchliffe, threat intelligence analyst at Palo Alto Networks’ Unit 42 research division told ZDNet:
“What it wants to do in combination with credentials which it’s harvested is impersonate that user from their own system, So they use the cookies to try and get past that initial login without suspicion.”
Mac Users are advised to keep an eye on their security settings and check their exchange and wallet accounts to verify if the funds are safe. It is best practice in the Cryptosphere to keep large amounts of Crypto in cold storage Hardware wallets instead of exchanges or hot wallets.
Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity
Did you like the news you just read? Please leave a feedback to help us serve you better
Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.
Circle of Games (COG)—Web3's multi-gaming platform has raised a $1mn round from Nazara, with participation…
Unconference Bali 2024, Asia’s premier Web3 event, is poised to take center stage against the…
Tradeleaf, a leading FinTech company empowering global trade through digital solutions, recently celebrated a significant…
Foundership Global Accelerator, a prominent force in the Web3 & Emerging-Tech Community boasting over 10,000…
April 16, 2024 - Condo, the world's first real-world asset (RWA) meme token, was recently…
The Partisia Blockchain Foundation, at the forefront of crafting privacy-enhancing and interoperable blockchain platforms, today…