
New macOS Malware Hijacks Crypto Wallets via Pirated Apps

Author: Renuka K

A new cybersecurity threat has emerged for macOS users: Kaspersky Labs has uncovered a sophisticated malware campaign targeting cryptocurrency wallets. The malware reaches users' systems through pirated applications and replaces their hot Bitcoin and Exodus wallets with infected versions.

The malware, discovered in December, exploits users' tendency to seek out cracked apps from unauthorized sources. It obtains the user's computer password through an activator box that asks for it. Once the user has entered the password, the malware gains access to the private keys of crypto wallets when the user attempts to open the compromised versions of those wallets.

Researchers describe this malware as "seriously ingenious." It was being actively developed while it was tracked, indicating an ongoing threat. The final payload it delivers is a backdoor that can execute any script with administrator privileges. It replaces the legitimate Exodus and Bitcoin wallet applications with infected versions that steal secret recovery phrases as soon as the wallet is unlocked.

To safeguard against such threats, Kaspersky Labs advises using trusted websites for downloads, keeping the computer's operating system updated, and employing a robust security solution. Other attacker tactics include disguising malware as legitimate wallets on online stores or fake websites, a strategy so prevalent that the FBI has issued warnings against it.

This malware campaign is part of a growing trend in which attackers increasingly target users in the decentralized finance community. In November, the North Korean Lazarus Group launched a similar malware attack specifically targeting macOS users in DeFi, primarily circulating in Discord groups.
