Kaspersky Uncovers Mac Malware That Can Steal Crypto Passwords


Apple users have been urged to be vigilant as cybersecurity firm Kaspersky reports a verified macOS exploit targeting the latest operating system version. The exploit is designed to deceive Exodus wallet users into unwittingly downloading a fraudulent version of the software. The malware targets macOS versions 13.6 and above, and both Intel and Apple Silicon devices are highly vulnerable.

Blending in

A cunning malware campaign has emerged, targeting popular cryptocurrency wallets like Exodus on the latest macOS versions. Cybersecurity firm Kaspersky issued a stark warning, urging users to stay vigilant and take immediate action to protect their digital assets.

Deceptive tactics are the name of the game. Hackers have crafted fake versions of the Exodus wallet app, designed to blend in seamlessly with the real ones. These fraudulent apps can be easily downloaded through compromised or illegitimate websites masquerading as the official sources.

Once unsuspecting users install the fake wallets, their private keys and login credentials are exposed. Imagine opening your seemingly legitimate wallet app, only to find your hard-earned Bitcoin or Exodus tokens have mysteriously vanished. It’s a chilling scenario no crypto enthusiast wants to face.

A Stealthy Malware

“The macOS malware being linked to pirated software highlights the serious risks. Cybercriminals use pirated apps to easily access users’ computers and get admin privileges by asking them to enter the password,” said Sergey Puzan, security researcher at Kaspersky. “The creators show unusual creativity by hiding a Python script in a DNS server’s record, increasing malware’s level of stealth in the network’s traffic. Users should be extra cautious, especially with their cryptocurrency wallets. Avoid downloading from suspicious sites and use trusted cybersecurity solutions for better protection.”

Widespread Impact

The malware doesn’t discriminate. It targets both Intel and Apple Silicon Macs running macOS 13.6 and later versions. This broad range amplifies the potential damage, making vigilance crucial for every Mac user involved in cryptocurrency.

Users are advised to download only from official sources: stick to the App Store or verified developer websites when downloading wallet apps, and avoid third-party marketplaces or suspicious links.

Double-check app signatures: Before launching any downloaded app, verify its digital signature to ensure it hasn’t been tampered with.

Keep your Mac updated: Install the latest macOS security patches as soon as they become available. Apple routinely plugs security vulnerabilities, so staying updated strengthens your defenses.

Use 2FA

Use strong passwords and two-factor authentication: Implement robust passwords and enable two-factor authentication (2FA) on your cryptocurrency accounts for an extra layer of security.
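One way to carry out the signature check recommended above from the macOS Terminal, as an added example that comes from neither Kaspersky nor the wallet vendor. The function names are illustrative, and the expected Team ID is an input you obtain from the vendor's official site, not a value given in this article.

```shell
#!/bin/sh
# Added example: verify a downloaded macOS app before its first launch.
# Usage: sh verify_app.sh /path/to/Wallet.app EXPECTED_TEAM_ID
# EXPECTED_TEAM_ID is the 10-character Apple Team ID published by the vendor
# (an assumption of this example: you look it up yourself).

# Print the TeamIdentifier field from `codesign -dv` (it writes to stderr).
team_id_of() {
    codesign -dv --verbose=4 "$1" 2>&1 | sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# Return 0 only if every check passes; otherwise print the first failure.
verify_app() {
    app=$1
    expected=$2
    if [ -z "$app" ] || [ -z "$expected" ]; then
        echo "usage: verify_app APP_PATH EXPECTED_TEAM_ID" >&2
        return 2
    fi
    # 1. Seal intact: nested code and resources still match the signature.
    if ! codesign --verify --deep --strict "$app" >/dev/null 2>&1; then
        echo "FAIL: signature missing or bundle modified"
        return 1
    fi
    # 2. Signer identity: an ad-hoc signature can pass step 1, but it
    #    reports "TeamIdentifier=not set", so compare against the vendor's ID.
    actual=$(team_id_of "$app")
    if [ "$actual" != "$expected" ]; then
        echo "FAIL: signed by '${actual:-unknown}', expected '$expected'"
        return 1
    fi
    # 3. Gatekeeper: the system's own policy assessment of the app.
    if ! spctl --assess --type execute "$app" >/dev/null 2>&1; then
        echo "FAIL: rejected by Gatekeeper"
        return 1
    fi
    echo "OK: signed by team $actual and accepted by Gatekeeper"
}

# Run the check only when the script is given arguments.
[ "$#" -eq 0 ] || verify_app "$@"
```

A valid signature alone only proves the bundle was not altered after signing; the Team ID comparison is what ties it to the real vendor.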

By remaining informed and taking these precautionary measures, Mac users can effectively shield their crypto wallets from this malicious threat. It is important to note that staying vigilant in the digital world is key to safeguarding your valuable assets.

Author: Cornelius

Cornelius is a crypto trader. He holds some cryptocurrencies.