In order to overcome multi-factor authentication systems, a Trojan is supposed to pick up iPhone text messages as well as cookies and passwords.
A newly discovered Mac malware targets users of crypto exchanges. The “CookieMiner” baptized malicious software tries to copy all cookies from the browsers Safari and Chrome, which come from crypto exchanges – including Coinbase, Binance and MyEtherWallet and all websites with the word “Blockchain”, such as the security firm Palo Alto Networks’ Unit 42 lists.
Malware also interested in iPhone text messages
The malware is also out to read access data including passwords and stored credit card data from Google Chrome, collect data and keys from crypto-wallets and even tapping SMS messages that the user has received on his iPhone, according to an analysis of the malware , This is only possible if iPhone backups are backed up locally via iTunes on the Mac (unencrypted).
With this far-reaching combination of stolen data, attackers could even overcome the multifactor authentication systems of crypto exchanges, the security researchers believe – and thus gain complete access to victim’s accounts and wallets.
Distribution and route of infection unknown
By setting up a backdoor, CookieMiner maintains full control of the Mac, allowing it to take further commands from the remote attacker. It also checks whether security software for controlling outgoing network traffic is installed on the Mac, as Unit 42 notes. If so, the pest will not connect to the attackers’ servers. In addition, CookieMiner uses the infected Mac to mine the cryptocurrency Koto.
From the report of the security company is not clear, in which way the pest is distributed. Also for the infection there is no further indication, presumably the user must install the camouflaged malware manually. Mac malware continues to masquerade as a supposed flash update, installers are sometimes delivered over manipulated banners that can appear when calling any web page.
image by Shutterstock
TheBitcoinNews.com – Bitcoin News source since June 2011 –
Virtual currency is not legal tender, is not backed by the government, and accounts and value balances are not subject to consumer protections. TheBitcoinNews.com holds several Cryptocurrencies, and this information does NOT constitute investment advice or an offer to invest.
Everything on this website can be seen as Advertisment and most comes from Press Releases, TheBitcoinNews.com is is not responsible for any of the content of or from external sites and feeds. Sponsored posts are always flagged as this, guest posts, guest articles and PRs are most time but NOT always flagged as this. Expert opinions and Price predictions are not supported by us and comes up from 3th part websites.
Advertise with us : Advertise