Cybersecurity firm Kaspersky Labs has uncovered a new strain of malware specifically designed to target macOS users and their Bitcoin and Exodus wallets.
The company said in a press release on Monday that the malware is distributed through pirated software and replaces legitimate wallet applications with infected versions.
The researchers at Kaspersky believe that the hackers are developing the malware for an upcoming campaign.
The discovery was made in December when Kaspersky researchers stumbled upon a new family of trojan proxies.
The hackers behind this malware exploited cracked versions of legitimate applications downloaded from unauthorized sources.
They took advantage of users willing to disable security measures and install software from questionable websites.
Our experts review a new #macOS backdoor exploiting cracked software, targeting #Bitcoin & #Exodus wallets. This malicious software replaces the wallets with #malware, deploying a potent backdoor running scripts with admin privileges.
Full report ⇒ https://t.co/eJXIdp9n3b pic.twitter.com/5Kw0ppUZYg
— Kaspersky (@kaspersky) January 22, 2024
The malware specifically targets macOS versions 13.6 and above.
It works by stealing the user’s computer security password when the user enters it into an activator box.
The malware also gains access to the private keys of the compromised crypto wallets when users attempt to open them.
While the hackers’ method is relatively basic, the researchers describe the malware itself as “seriously ingenious.”
It functions as a backdoor, granting the hackers administrator privileges and allowing them to replace the legitimate Exodus and Bitcoin wallet applications with infected versions.
These infected versions then steal the secret
Read more on cryptonews.com