New Strain of Malware Targets Bitcoin and Exodus Wallets on macOS
Cybersecurity firm Kaspersky Labs has discovered a new strain of malware that specifically targets macOS users and their Bitcoin and Exodus wallets. The malware is distributed through pirated software and replaces legitimate wallet applications with infected versions. The hackers behind this malware are developing it for an upcoming campaign.
Hackers Exploit Cracked Versions of Legitimate Applications
Kaspersky researchers found this new family of trojan proxies in December. The hackers exploited cracked versions of legitimate applications downloaded from unauthorized sources. They took advantage of users who disabled security measures and installed software from questionable websites.
The Malware’s Functionality and Targets
The malware targets macOS versions 13.6 and above. It steals the user’s computer security password when the user enters it into an activator box. It also gains access to the private keys of compromised crypto wallets when users attempt to open them. The malware functions as a backdoor, granting hackers administrator privileges to replace legitimate wallet applications with infected versions. These infected versions steal recovery phrases as soon as the wallet is unlocked.
Protecting Against the Malware
To avoid falling victim to this malware campaign, Kaspersky advises users to stick to trusted websites, keep their operating systems updated, and use reliable security solutions. Hackers have also employed other techniques, such as disguising malware as legitimate wallets or creating fake websites.
Hot Take: Decline in Crypto Hacking Incidents
In 2023, there was a slight decline in hacking incidents targeting the cryptocurrency industry compared to previous years. According to De.FI, hackers stole around $2 billion in digital assets throughout the year. This marks the first decrease in crypto hacking incidents since 2021. However, in 2022, cybercriminals stole an all-time high of $3.8 billion in the crypto realm, with the Lazarus Group responsible for $1.7 billion of that total. The group aimed to fund North Korea’s nuclear weapons program in violation of international sanctions. In 2021, hackers seized $3.3 billion in digital assets.