This sneaky malware is after your passwords and personal data

Apple Macs have historically been targeted less by hackers than Windows devices, but this trend is shifting. In recent months, there has been an increase in malware specifically targeting macOS while leaving Windows systems unaffected. Security researchers have uncovered a new threat called “Cthulhu Stealer,” which impersonates popular apps to harvest passwords and steal data from macOS users.

The perception of Macs being inherently more secure is evolving as cybercriminals increasingly develop malware for Apple’s operating system. While Macs still face fewer overall threats compared to Windows PCs, the gap is narrowing.


How this ‘malware-as-a-service’ targets your Mac

Cthulhu Stealer malware has been available under a malware-as-a-service (MaaS) model for $500 a month since late 2023, as discovered by Cado Security.

“Cthulhu Stealer is an Apple disk image (DMG) that is bundled with two binaries, depending on the architecture,” Cado Security researcher Tara Gould said. “The malware is written in Golang and disguises itself as legitimate software.”

The malware pretends to be legitimate software, mimicking programs like CleanMyMac, Grand Theft Auto IV, and Adobe GenP. Adobe GenP, in particular, is an open-source tool used to bypass Adobe’s Creative Cloud service and activate apps without paying.

Once you install the malware disguised as a legit app and try to open it, macOS will warn you that it isn’t reliable. Ignoring the warning and continuing will prompt you to enter your password. After that, you’ll see a second prompt asking for your MetaMask password. The malware then creates a directory in ‘/Users/Shared/NW’ and stores the credentials in text files. Chainbreaker is used to dump Keychain passwords, which are saved in a file called Keychain.txt.

With the required permissions in place, Cthulhu Stealer can grab a wide range of sensitive data, including saved passwords from iCloud Keychain, web browser cookies, and even Telegram account details. “The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including game accounts,” Gould explained.
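The staging directory and Keychain.txt file described above give you something concrete to look for. The script below is an added example, not code from Cado Security or from this article's sources; the optional root argument is an assumption added so the same check can be pointed at a mounted backup, and the demo tree at the end is constructed sample data.

```shell
#!/bin/sh
# Added example: look for the Cthulhu Stealer staging directory the article
# describes (/Users/Shared/NW) and the Keychain.txt dump inside it.
#
# Usage: check_cthulhu_artifacts [ROOT]
#   ROOT (assumption, optional) is a prefix such as a mounted backup volume.
# Exit status: 0 = directory absent
#              1 = directory present
#              2 = directory present and contains Keychain.txt
check_cthulhu_artifacts() {
    root="${1:-}"
    stage="$root/Users/Shared/NW"

    if [ ! -d "$stage" ]; then
        echo "OK: $stage not found"
        return 0
    fi

    echo "FOUND: staging directory $stage"
    # List the text files the stealer is reported to write there,
    # with sizes, so they can be preserved before cleanup.
    find "$stage" -maxdepth 1 -type f -name '*.txt' | while IFS= read -r f; do
        echo "  text file: $f ($(wc -c < "$f" | tr -d ' ') bytes)"
    done

    if [ -f "$stage/Keychain.txt" ]; then
        echo "FOUND: $stage/Keychain.txt (Keychain password dump)"
        return 2
    fi
    return 1
}

# Demo on a constructed tree (sample data, not real malware output).
demo=$(mktemp -d)
mkdir -p "$demo/Users/Shared/NW"
printf 'constructed sample\n' > "$demo/Users/Shared/NW/Keychain.txt"
check_cthulhu_artifacts "$demo" || echo "exit status: $?"
rm -rf "$demo"
```

Call check_cthulhu_artifacts with no argument to check the live system. A missing directory does not prove the Mac is clean, but a hit means the passwords you typed and the Keychain contents should be treated as stolen and changed from a different device.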

 


Hackers are preying on Mac users

There has been an increase in malware and vulnerabilities affecting Mac users. Recently, researchers at Cisco Talos discovered a vulnerability in Microsoft apps that could allow hackers to steal all your data and gain control of your system.

Plus, a stealer malware called Banshee is targeting over 100 browsers on Mac devices to steal passwords, cryptocurrency, and personal data. These threats are in addition to the numerous data breaches we’ve seen throughout the year. This should act as a reminder that you need to take your cybersecurity seriously.

 


5 tips to protect yourself from Mac malware

Follow these essential tips to safeguard your Mac from the latest malware threats, including the notorious Cthulhu Stealer.

 

1) Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  


2) Be cautious with downloads and links: Only download software from reputable sources such as the Mac App Store or official websites of trusted developers. Be wary of unsolicited emails or messages prompting you to download or install updates, especially if they contain links. Phishing attempts often disguise themselves as legitimate update notifications or urgent messages.

 

3) Keep your software updated: Ensure that both macOS and all installed applications are up to date. Apple frequently releases security patches and updates that address vulnerabilities. Enable automatic updates for macOS and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on keeping all your devices updated.

 

4) Use strong and unique passwords: To protect your Mac from malware, it’s also crucial to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A password manager can be incredibly helpful here—it generates and stores complex passwords for you, making them difficult for hackers to crack.

It also keeps track of all your passwords in one place and automatically fills them in when you log into accounts, so you don’t have to remember them yourself. By reducing the number of passwords you need to recall, you’re less likely to reuse them, which lowers the risk of security breaches. Get more details about my best expert-reviewed Password Managers of 2024 here.

 

5) Use Two-Factor Authentication (2FA): Enable 2FA for your important accounts, including your Apple ID, email, and any financial services. This adds an extra step to the login process, making it harder for attackers to gain access even if they have your password.

 


Kurt’s key takeaway

Macs aren’t as safe from hackers as they used to be. With malware like Cthulhu Stealer and Banshee targeting Mac users, it’s a good reminder to step up your cybersecurity game. These threats can steal your passwords, data, and even cryptocurrency, so investing in solid antivirus software and being cautious with what you download is more important than ever.

When downloading new software, how do you determine if it’s safe to install? Do you rely on app store ratings, reviews, or something else? Let us know in the comments below.


Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
