A newly discovered malware, Cthulhu Stealer, has been observed targeting macOS users, marking another significant security threat for Apple’s operating system.
The tool, identified by Cado Security, operates as malware-as-a-service (MaaS) and uses Apple disk images (DMG) to disguise itself as legitimate software.
How Cthulhu Stealer works
Cthulhu Stealer focuses primarily on stealing sensitive information from its victims, including credentials and cryptocurrency wallets. Once a user has mounted the DMG and opened the disguised file, the malware uses osascript, a macOS command-line tool, to prompt the user for their system and MetaMask passwords.
The stolen data is stored in a folder and compressed into a ZIP file for exfiltration to the malware’s command-and-control (C2) server. The stolen data includes:
- Keychain passwords
- MetaMask and Coinbase wallets
- Game account details, such as Battle.net
- Browser cookies and extensions
Cthulhu Stealer mimics well-known software, such as CleanMyMac, Adobe GenP and a typo-laden ‘Grand Theft Auto IV’, to mislead users into installing it.
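For defenders, the password prompt described above is a usable detection point. The following is an added example, not code from Cado Security or the original article: it triages process-execution events for osascript invocations that display a hidden-answer dialog. The event field names, the sample events and the /Volumes/ parent heuristic are assumptions constructed for illustration.

```python
import os
import re

# AppleScript's "display dialog ... with hidden answer" masks typed input,
# which is how a script can imitate a system password prompt.
HIDDEN_PROMPT = re.compile(r"display\s+dialog.*with\s+hidden\s+answer", re.I | re.S)

# Constructed sample events (not real telemetry); field names are hypothetical.
SAMPLE_EVENTS = [
    {"pid": 411, "exe": "/usr/bin/osascript",
     "parent": "/Volumes/ExampleApp/ExampleApp.app/Contents/MacOS/ExampleApp",
     "args": ["osascript", "-e",
              'display dialog "macOS needs your password to continue" '
              'default answer "" with hidden answer']},
    {"pid": 520, "exe": "/usr/bin/osascript",
     "parent": "/Applications/Backup.app/Contents/MacOS/Backup",
     "args": ["osascript", "-e", 'display dialog "Backup finished" buttons {"OK"}']},
    {"pid": 733, "exe": "/usr/bin/osascript", "parent": "/bin/zsh",
     "args": ["osascript", "-e",
              'display dialog "Password:" default answer "" with hidden answer']},
    {"pid": 801, "exe": "/usr/bin/zip",
     "parent": "/Volumes/ExampleApp/ExampleApp.app/Contents/MacOS/ExampleApp",
     "args": ["zip", "-r", "out.zip", "folder"]},
]

def classify(event):
    """Return 'high', 'medium' or None for one process-execution event."""
    if os.path.basename(event["exe"]) != "osascript":
        return None
    script = " ".join(event["args"][1:])
    if not HIDDEN_PROMPT.search(script):
        return None  # ordinary dialog, no masked input requested
    # Assumption: a parent still running from a mounted disk image is the
    # riskiest case, matching the "mount DMG, open disguised file" flow.
    if event["parent"].startswith("/Volumes/"):
        return "high"
    return "medium"

def triage(events):
    """List (pid, severity) for every event that matched the rule."""
    return [(e["pid"], sev) for e in events if (sev := classify(e))]

if __name__ == "__main__":
    for pid, severity in triage(SAMPLE_EVENTS):
        print(f"pid={pid} severity={severity} osascript hidden-answer prompt")
```

Legitimate admin scripts also use hidden-answer dialogs, so the medium tier is a lead for review rather than a verdict.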
Similarities to Atomic Stealer and developer disputes
Cado Security has noted considerable similarities between Cthulhu Stealer and the earlier Atomic Stealer, indicating that Cthulhu Stealer may be a modified version of the latter. Both malware variants use similar password prompts and data collection techniques, which suggests that they may share a developer.
The operators behind Cthulhu Stealer, known as the ‘Cthulhu Team’, rent out the malware to affiliates for $500 a month. However, disputes about payments have reportedly led to accusations of fraud within the group, resulting in the main developer being banned from a popular malware marketplace.
Protect macOS against Cthulhu Stealer
According to Cado Security, the discovery underlines the evolving threat landscape for macOS users.
“Although macOS has long been considered a safe system, the existence of malware that focuses on Mac users remains an increasing security problem,” the company wrote.
To protect against threats such as Cthulhu Stealer, Cado Security recommends several precautions for macOS users. These include:
- Downloading software only from trusted sources, such as the Apple App Store or the official websites of reputable developers
- Enabling the built-in security features of macOS, such as Gatekeeper, to prevent the installation of unverified apps
- Keeping the system and applications up to date with the latest security patches
- Using reputable antivirus software for an extra layer of protection