A recently discovered form of malware steals browser cookies and other information on victims' Apple Mac computers to steal cryptocurrencies.
Researchers at cybersecurity firm Palo Alto Networks published a report on Thursday, saying that the malware, dubbed "CookieMiner," intercepts browser cookies related to cryptocurrency exchanges and wallet service providers' websites visited by the victims.
The malicious code targets exchanges including Binance, Coinbase, Poloniex, Bittrex, Bitstamp and MyEtherWallet, as well as any website having "Blockchain" in its domain name, the researchers found.
If successful at stealing those details, hackers can gain full access to victims' crypto exchange and wallet accounts to steal funds.
"CookieMiner tries to navigate past the authentication process by stealing a combination of the login credentials, text messages, and web cookies."
The malware has another string to its bow too - it changes a victim's system configuration to maliciously load crypto mining software.
The coinminer is similar to a variant that mines monero, but instead targets a lesser-known cryptocurrency called Koto, the researchers said.
The researchers suggested that cryptocurrency users should keep "An eye on their security settings and digital assets to prevent compromise and leakage." They also noted that the malware checks if an application firewall program called Little Snitch is running on a victim's computer.
Deployments of crypto-mining malware are rapidly growing in number.
A study from McAfee, published in December, showed that there were nearly 4 million new mining malware threats in the third quarter of 2018 alone, compared to less than 500,000 in 2017 and 2016.
New Malware Targets Apple Mac Computers to Steal and Mine Cryptos
Published on Feb 1, 2019
by Coindesk | Published on Coinage
Coinage
Recent News
View All
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.