CookieMiner Mac Malware Wants Your Cookies and Your Crypto Funds

A new instance of Mac malware has been detected by researchers at Palo Alto Networks. The malware is designed to steal browser cookies and other information and it also steals cryptocurrencies on infected Mac computers.

The malware, dubbed CookieMiner, intercepts browser cookies related to cryptocurrency exchanges and wallet service providers’ websites that victims have previously visited. Popular crypto exchanges such as Binance, Coinbase, Bittrex, Poloniex, Bitstamp, and MyEtherWallet are targeted in the CookieMiner campaign, researchers say.

Any website having “blockchain” in its domain name is also targeted.

More about CookieMiner

The team who discovered the malicious threat believes that the piece has been developed from OSX.DarthMiner, a malware known to target the Mac platform.

In addition to targeting the crypto exchanges listed above, the malware also attempts to steal credit card information from major issuers, such as Visa, Mastercard, American Express and Discover, as well as saved usernames and passwords in Chrome, iPhone text messages that are backed up to iTunes, and crypto wallet keys.


“By leveraging the combination of stolen login credentials, web cookies, and SMS data, based on past attacks like this, we believe the bad actors could bypass multi-factor authentication for these sites,” the researchers noted.

If the attack succeeds, the malware collects all of these details and gains full access to the victim’s crypto exchange and wallet accounts. Finally, it steals their funds.

As explained in the report, CookieMiner tries to navigate past the authentication process by stealing a combination of the login credentials, text messages, and web cookies.

In short, the malicious activities performed by CookieMiner are the following:

– Steals Google Chrome and Apple Safari browser cookies from the victim’s machine
– Steals saved usernames and passwords in Chrome
– Steals saved credit card credentials in Chrome
– Steals iPhone’s text messages if backed up to Mac
– Steals cryptocurrency wallet data and keys
– Keeps full control of the victim using the EmPyre backdoor
– Mines cryptocurrency on the victim’s machine

Milena Dimitrova
