Latest on ATNET:

#ftx-collapse #custodial-trading
#crypto-fundamentals #yield
BTCUSD
D HIGH
D LOW

Data:   Charts:

Kc  · 09/01/22

Mac malware “CookieMiner” targets crypto traders, aims to bypass 2FA on exchanges and web wallets

Altcoin Trading Blog
06/27/23 · Reports

Note: This report was written in 2019 and remains published for reference purposes only.


Here's what the malware does and how to protect your crypto.
Subscribe to our RSS feed
Airdrops / Blog
 

Coinrule

Palo Alto Networks’ Unit 42 reported a new malware that targets Mac users.

The malware was developed from code used for older campaigns and so it also goes for the obvious steady revenue generation through illicit mining.

Cryptojacking has solidified into good practice in the business of commercial malware, and so this particular one also taps into your laptop’s power to mining Monero. It also adds Koto, a lesser-known Japanese cryptocoin, that supports GPU mining.

What it does

Crypto mining is not dangerous, the real danger of this malware (dubbed CookieMiner) lies in its other areas of focus:

  • CookieMiner will steal browser cookies, particularly looking for data related to mainstream cryptocurrency exchanges and crypto web wallets.
  • It also steals saved passwords from Chrome browser.
  • If you have iTunes backups for your iPhone, it will also get your text messages.

This combination of credentials will probably allow the CookieMiner authors to get around multi-factor authentication on crypto exchanges and web wallets.

The malware comes with a script that gives the attacker remote control over your Mac and potentially can remain hidden for a good amount of time, patiently waiting until all necessary credentials are collected to exploit your exchange and wallet accounts.

The attacker could also leverage their remote access to later install a keylogger, while profiting from the crypto mining in the meantime.

How to protect your crypto

The report doesn’t mention in what kind of campaign this malware spreads.

There have been several major phishing mail blasts lately, some even very legitimate looking job offers with malicious documents in attachments.

The advice here is to be vigilant about what you click on in your e-mails. Similar level of attention should go to downloading new wallets and apps, perhaps for your airdrops.

It is always safer to have a triered device system for crypto, including a burner device that you use as a dumpster for every activity that is potentially dangerous.


Disclosure: All products featured on AltcoinTrading.NET are independently chosen, but some of the links on this page are affiliate links. Read our full content disclosure to learn more.

Latest Airdrops & Bounties - Updated Daily

new Whac Airdrop - FCFS 100 and random 100 get 1 USD worth each.
new BPD airdrop - Listing promo (Poloniex) with a pool with 5k USD.
new BSU airdrop - Random 200 split a pool of 2k USD worth.
new XOX labs airdrop - Long-running Gleam. 200 winners who will get 100 USD wort...
airdrop MELD Airdrop - Only 5 winners here but each gets 200 USD worth of token.
airdrop Drive step giveaway - Only 50 winers but price worth over 500 USD.
airdrop HYME airdrop - Random 249 get 10 USD worth each. Shills up to 100 USD wo...
promo PYUSD staking promo - since 16 Aug
promo LATOKEN events - until 20 Aug
promo Phemex Bot Bonanza - until 30 Sep
promo VCNT bonus on Bitforex - 8 - 22 Aug
promo Mint Bybit Velocity Pass - live now