Apple Users Alerted to New “Cthulhu” Malware Targeting Crypto Wallets
Apple Mac users are facing a new security threat with the emergence of a malware strain known as “Cthulhu Stealer.” This sophisticated malware targets popular cryptocurrency wallets, including MetaMask, Coinbase, and Binance, posing significant risks to users’ financial and personal data.
How Cthulhu Stealer Operates
To deceive users, Cthulhu Stealer disguises itself as legitimate software, such as CleanMyMac and Adobe GenP. According to Tara Gould, a Threat Researcher at Cado Security, “The malware appears as an Apple disk image (DMG) and uses macOS command-line tools to trick users into entering their passwords.”
Once the malicious DMG file is mounted, users are prompted to provide their system password. Subsequently, a second prompt requests the MetaMask password. The malware then extracts credentials and other sensitive information from the user’s system. This includes data from crypto wallets and other platforms, such as web browser cookies and Telegram account information.
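The behaviour described above (a password prompt raised through a macOS command-line tool by software running from a mounted disk image) can be hunted for in process telemetry. The sketch below is an added example, not code from Cado Security or from the malware. It assumes the command-line tool is osascript showing an AppleScript "display dialog ... with hidden answer" prompt, which this article does not name, and it runs over constructed events with hypothetical field names.

```python
import re

# Constructed process-execution events (not from a real host). Field names are
# hypothetical; map them to whatever your EDR or process logger emits.
EVENTS = [
    {"pid": 410, "ppid": 1, "exe": "/Volumes/Installer/Installer.app/Contents/MacOS/Installer", "argv": []},
    {"pid": 411, "ppid": 410, "exe": "/usr/bin/osascript",
     "argv": ["-e", 'display dialog "Enter your password to continue" default answer "" with hidden answer']},
    {"pid": 520, "ppid": 1, "exe": "/Applications/Notes.app/Contents/MacOS/Notes", "argv": []},
    {"pid": 521, "ppid": 520, "exe": "/usr/bin/osascript",
     "argv": ["-e", 'display dialog "Export finished" buttons {"OK"}']},
    {"pid": 630, "ppid": 1, "exe": "/Applications/Backup.app/Contents/MacOS/Backup", "argv": []},
    {"pid": 631, "ppid": 630, "exe": "/usr/bin/osascript",
     "argv": ["-e", 'display dialog "Password:" default answer "" with hidden answer']},
]

# Assumption: the prompt is an AppleScript dialog whose input field is masked.
HIDDEN_PROMPT = re.compile(r"display\s+dialog\b.*\bhidden\s+answer\b", re.I | re.S)

def ancestors(event, by_pid):
    """Yield parent, grandparent, ... of an event; stops on an unknown pid or a loop."""
    seen = set()
    parent = by_pid.get(event["ppid"])
    while parent and parent["pid"] not in seen:
        seen.add(parent["pid"])
        yield parent
        parent = by_pid.get(parent["ppid"])

def find_dmg_password_prompts(events):
    """Return (prompt_event, origin_event) pairs for masked dialogs launched from a mounted volume."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if not e["exe"].endswith("/osascript"):
            continue
        if not HIDDEN_PROMPT.search(" ".join(e["argv"])):
            continue
        for a in ancestors(e, by_pid):
            if a["exe"].startswith("/Volumes/"):  # executable lives on a mounted image
                hits.append((e, a))
                break
    return hits

if __name__ == "__main__":
    for prompt, origin in find_dmg_password_prompts(EVENTS):
        print(f"ALERT pid={prompt['pid']} masked dialog; ancestor on mounted volume: {origin['exe']}")
```

Requiring both conditions keeps ordinary osascript dialogs and installed apps that ask for a password out of the results; the same binary copied into /Applications before it runs would need a different signal, such as code-signing status.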
The Business of Malware
Cthulhu Stealer operates on a malware-as-a-service (MaaS) model, renting the malware out to affiliates for $500 per month. Scammers promote it via Telegram and use tactics such as fake job offers to lure victims into installing the malware. This model highlights a concerning trend in the cybercrime industry, where sophisticated tools are rented out to other criminals.
Apple’s Response to Increasing Threats
In light of the growing threats, Apple has updated its security measures. On August 6, Apple announced enhancements to its macOS operating system, making it more challenging for users to bypass Gatekeeper protections. These updates aim to bolster macOS security by preventing unauthorized software from running.
In addition to system updates, users are advised to install reputable antivirus software, exercise caution when downloading applications, and stay informed about the latest security practices.
Conclusion
The discovery of Cthulhu Stealer underscores the evolving nature of cyber threats against macOS systems. Despite the platform’s historically strong security reputation, no system is immune to malware. Users must remain vigilant and proactive in securing their devices and personal information.