Apple Macs have historically been less of a target for hackers than Windows devices, but this is changing: in recent months, there has been an increase in malware that targets macOS only, without affecting Windows systems.
Security researchers have discovered a new threat, dubbed “Cthulhu Stealer,” that disguises itself as a popular app to harvest passwords and steal data from macOS users.
As cybercriminals develop more malware targeted at Apple’s operating systems, there’s a growing perception that Macs are inherently safer. While Macs still face fewer overall threats than Windows PCs, the gap is closing.
For security alerts and expert tips, sign up for KURT’s newsletter, The Cyberguy Report, here.
Man working on a Mac (Kurt “Cyberguy” Knutson)
How this “malware-as-a-service” attacks Macs
The Cthulhu Stealer malware will be available under a Malware-as-a-Service (MaaS) model starting in late 2023 for $500 per month. Kado Security Found it.
“Cthulhu Stealer is an Apple Disk Image (DMG) bundled with two binaries depending on the architecture,” said Tara Gould, a researcher at Cado Security. “The malware is written in Golang and masquerades as legitimate software.”
The malware poses as legitimate software by mimicking programs such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP, an open-source tool used to circumvent Adobe’s Creative Cloud services and activate apps without paying for them.
When attempting to install and open the malware disguised as a legitimate app, macOS will display a warning that it is not trusted. If the user ignores the warning and continues, they will be prompted for their password. They will then be shown a second prompt for the MetaMask password. The malware then creates a directory in ‘/Users/Shared/NW’ and saves the credentials in a text file. Chainbreak is used to dump the keychain passwords which are stored in a file called Keychain.txt.
If the necessary permissions are set, the Cthulhu Stealer can retrieve a variety of sensitive data, including passwords stored in the iCloud Keychain, web browser cookies, and even Telegram account details.
“The primary function of the Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including gaming accounts,” Gould explained.
A woman working on two Macs (Kurt “Cyberguy” Knutson)
Massive health savings account data breach puts 4.3 million Americans at risk
Hackers are targeting Mac users
There has been an increase in malware and vulnerabilities threatening Mac users. Recently, researchers at Cisco Talos reported: Microsoft app vulnerabilities Hackers could steal all your data and gain control over your system.
In addition, theft malware Banshee targets over 100 browsers on Mac devices Such threats exist to steal passwords, cryptocurrency, and personal data. These threats come on top of the numerous data breaches that have occurred this year, which is a reminder that cybersecurity needs to be taken seriously.
What is Artificial Intelligence (AI)?
Woman working on a laptop (Kurt “Cyberguy” Knutson)
Serious security flaw puts Mac’s most popular browser at risk
5 tips to protect yourself from Mac malware
To protect your Mac from the latest malware threats, including the infamous Cthulhu Stealer, follow these important tips:
1. Deploy powerful antivirus software: The best way to protect yourself from malicious links that could install malware and access your personal information is to have antivirus software installed on all your devices. This protection will also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. We’ve handpicked the winners of the best antivirus protection of 2024 for Windows, Mac, Android and iOS devices.
Click here to get FOX Business on the go
2. Be careful with downloads and links: Download software only from trusted sources, such as the Mac App Store or official websites of trusted developers. Be wary of unsolicited emails or messages offering to download or install updates, especially if they contain links. Phishing scams often pose as legitimate update notifications or urgent messages.
3. Keep your software up to date: Make sure your macOS and all installed applications are up to date. Apple frequently releases security patches and updates to address vulnerabilities. Enabling automatic updates for macOS and your apps helps you stay protected without having to manually check for updates. If you need further help, contact me. A guide to keeping all your devices up to date.
4. Use a strong and unique password: To protect your Mac from malware, it’s also important to use strong, unique passwords for all your accounts and devices, and avoid reusing passwords across different sites and services. Password Manager This is where it really comes in handy: it generates and stores complex passwords, making them difficult for hackers to crack.
It also records all your passwords in one place and automatically fills them in when you log into your accounts, so you don’t have to remember them yourself. By reducing the number of passwords you have to remember, you’re less likely to reuse them, reducing the risk of a security breach. Learn more about me Check out the best password managers of 2024, reviewed by experts.
5. Use two-factor authentication (2FA): Enable 2FA for important accounts like your Apple ID, email, financial services, etc. This adds an extra step to the login process, making it harder for attackers to gain access even if they get hold of your password.
How to remove your personal information from the internet
Important points about the cart
Macs aren’t as safe from hackers as they used to be. With malware like Cthulhu Stealer and Banshee targeting Mac users, it’s a reminder to step up your cybersecurity efforts. These threats can steal passwords, data, and even cryptocurrency, so it’s more important than ever to invest in strong antivirus software and be careful about what you download.
When downloading new software, how do you know if it’s safe to install? Do you look at app store ratings, reviews, and other information? Cyberguy.com/Contact Us
Click here to get the FOX News app
If you want to hear more of my tech tips and security alerts, subscribe to the free CyberGuy Report newsletter at the link below. Cyberguy.com/Newsletter
Have a question for Kurt or tell us the story you’d like to see featured?
Follow Kurt on his social channels
Answers to the CyberGuy’s most frequently asked questions:
New Arrivals from Cart:
Copyright 2024 CyberGuy.com. All Rights Reserved.
