Roc  · 06/17/22

MacOS Malware Targeting Crypto Community, Spreading Through Admin Impostors

04/08/22 · Reports · This is not a financial advice
Altcoin Trading Blog

Note: This report was written in 2018 and remains published for reference purposes.


Glossary entries for this post
cryptocurrency-wallet
crypto-opsec
Browse The Most Searched-For Topics
hub
dca
 
Paybis crypto to skrill neteller

The SANS Internet Storm Center published a report on 29th June 2018 analyzing a new malware that targets the cryptocurrency community. This time the malware targets MacOS, at this stage it is not very sophisticated but as affordable and easy to use as it is, a lot of people will surely try and improve on it.

This particular iteration is a heavy script that downloads a malware package from a cloud host. Victims get to download the installer themselves: The attacker posts a line of code into crypto communities on Slack and Discord from an account with username and avatar similar to the one of an admin or developer.

Since most crypto projects have community beta testing chats, the impostor dev strategy should be reasonably successful even though for an outsider it probably looks quite lame and obvious. It also costs next to nothing, just like email phishing and social engineering, which means we should expect these attacks are here to stay and will only get more intricate with time.

According to trendmicro.com this is also the overall prediction for year 2018 in cyber security: phishing has been a huge success, especially using fake sites and malicious PDF files, of course it will grow. It does not need a lot of technical skill to pull this off, targeted attacks can be sold as a service and literally even a child can afford that from their pocket money.

The particular type of malware is likely going to vary, even ancient OG malware schemes are now getting upgraded to check for cryptocurrency wallet files on the victim machine.

Stay safe out there…Couple years ago that would refer to “Do not get rekt by accidentally entering a trade against Okcoin whale”. We have come a long way.


Related post, as ever: Tiered Device Management for Crypto Holders

Latest Airdrops & Bounties (Updates Mo + Thu nights)

airdrop Sunrise Gaming Airdrop - Promises 66 USD per winner but it's a lucky draw to only ...
airdrop Green Uni Network Airdrop - First come first earns, this airdrop pays to 10k first us...
airdrop JSC token (SOL) Airdrop - First 10K users who complete social tasks via Google Form...
airdrop CoinEx (TRX) Airdrop - Follow a bunch of accounts via Gleam to get a chance in t...
bounty PAXO Finance Testnet Bounty - PAXO is a Polygon app that is doing a testnet run of its ...
bounty MEME airdrop - Phase II of the airdrop. The 2.75 billion $MEME airdrop i...
bounty X Meta Fans Bounty (BSC BEP20) - Long running marketing bounty with 75k USD pool. Facebook...
exchange promo Ledger 'Not Your Keys' promo - 20% discount code - NYKNYC
exchange promo Bitget Giveaway - live
exchange promo Stacked Waitlist $25 Gift - live
exchange promo BitMart Welcome Bonus (up to 3k USD) - 3 tasks
exchange promo Wombat Exchange DEX airdrops - to farmers

Disclosure: All products featured on AltcoinTrading.NET are independently chosen, but some of the links on this page are affiliate links. Read our full content disclosure to learn more.