We have often heard that Macs don’t get viruses because of the way they are developed, so it might come as a shock that security researchers at Palo Alto Networks Unit 42 recently identified Mac malware that steals cryptocurrencies.
The researchers dubbed the new malware CookieMiner, and it is believed to have been developed from an earlier version of a malware known as OSX.DarthMiner, which was identified in 2018.
The CookieMiner malware is used to steal a user’s browser history from Chrome. This data includes the user’s password and login information along with the cookies that are associated with the crypto exchanges. The virus can also access the iTunes backup to piece together the information that is required to bypass two-factor authentication and gain access to the victim’s cryptocurrency wallet.
If the malware fails to access any cryptocurrency wallet, it will install software on the Mac that mines cryptocurrency for the hackers. Unit 42 suggested Mac users clear their browser caches and history after logging in to financial accounts.
They further suggested that users use an alternative browser on the Mac and avoid Chrome, as it is prone to attacks. Since the malware can also access iTunes, storing data on iCloud is suggested to save the user from any attack or data theft. This malware manipulates the system much as CoinTicker did last year: CoinTicker displayed prices of cryptocurrencies and looked friendly, but it was installing the OSX.EvilEgg malware on the system.