Researchers Discover New Crypto Mining Malware That Targets Apple Mac Computers
Researchers have discovered yet another crypto-jacking malware that targets browser cookies and other personal information on unsuspecting victims’ computers that run the Apple OS.
The malware attacks Apple Mac computers, covertly installing software that modifies the computer to enable the attack mine or steal cryptocurrencies.
The new bug was discovered by Unit 42 researchers at Palo Alto Networks, a cybersecurity firm that has in the past warned of similar malware attacks.
The group’s report, published on Thursday this week, says that “CookieMiner,” works by intercepting a browser’s cookies associated with crypto exchanges and wallet provider websites that victims visit.
According to the Palo Alto Networks team, the malicious code is designed to attack popular crypto exchanges including Coinbase, Binance, Poloniex, Bittrex, and MyEtherWallet among others. It also targets any website that has the word “blockchain” as part of its domain name, the group said.
Also, the malware will try to steal users’ credit card information from global issuers like Visa, Mastercard, Discover, and American Express. But that’s not all; it can access a victim’s Chrome browser to steal their saved usernames and passwords.
The researchers added that iPhone text messages backed up on a Mac computer or iTunes are also targeted as are crypto wallet keys.
A successful attack that manages to steal these details will see the information used by hackers to access crypto exchange and victims’ wallet accounts from where they can steal funds.
According to Unit 42, “CookieMiner” will use a combination of these credentials and web cookies to “navigate past the authentication process” to sneak into cryptocurrency exchange accounts from which they withdraw money.
The researchers note in their report that stealing directly from accounts could be “a more efficient way to generate profits” than when the attackers use the device’s computational power to mine cryptocurrency.
The CookieMiner is similar to another malware that has been widely used by attackers to mine privacy coin Monero. However, this particular crypto jacking bug reportedly targets crypto called Koto.
The researchers also noted that this particular malware would first check whether a victim’s computer is running a firewall program called Little Snitch. If it does, the malware “will stop and exit,” they explained.
Crypto-mining malware attacks have increased sharply over the last year, nearly four times compared to 2016 and 2017.
A study conducted by cybersecurity firm McAfee last December showed that there had been 4 million crypto mining malware threats in Q3of 2018 alone, a sharp increase from 500,000 in the two years before.
The researchers have recommended that an individual should never store their personal information, including things like passwords and usernames in web browsers. It is also advisable that users clear cookies “especially when visiting financial accounts.”
The standard practice is that website operators will limit the time that cookies remain active on a browser. However, people should take precaution and stop assuming that everything is okay due to the limitation.
Disclaimer: This is not investment advice. Cryptocurrencies are highly volatile assets and are very risky investments. Do your research and consult an investment professional before investing. Never invest more than you can afford to lose. Never borrow money to invest in cryptocurrencies.