According to published reports, Mac users are facing a serious threat from a new malware called “Cthulhu Stealer” that can steal personal information and cryptocurrency wallets.
This malware, specially designed for the Mac operating system (macOS), appears as a disk image file in DMG format and hides itself in legitimate software such as CleanMyMac and Adobe GenP.
When users open the file, the Mac command-line tool prompts them for a password to run AppleScript and JavaScript.
After the user enters the password, another password request appears for popular crypto wallets such as MetaMask, Coinbase, Wasabi, Electrum, Atomic Wallet, Binance, and Blockchain Wallet.
The Cthulhu Stealer malware stores stolen information in text files and then scans the victim’s system to collect data such as IP address and operating system version.
Tara Gould, a researcher at cyber security firm Cado, says the main function of this malware is to steal information and cryptocurrency wallets from various stores, including game accounts.
This malware is similar to Atomic Stealer, which was detected in 2023, and its developer seems to have modified Atomic Stealer’s code.
Additionally, on August 23, it was reported that the AMOS malware that attacks Mac users can now copy Ledger Live software.
Apple has recently acknowledged the increasing threat of malware against its operating systems, and on August 6 it introduced a new version of macOS in which users cannot easily bypass the Gatekeeper security system.