News New macOS malware steals your cookies to swipe your...

New macOS malware steals your cookies to swipe your cryptocurrency

-

- Advertisment -

New macOS malware steals your cookies to swipe your cryptocurrency

Security researchers from Palo Alto Networks’ Unit 42 have identified a new cryptocurrency stealing malware. What has been dubbed as “CookieMiner,” specifically targets Mac users and the cookies related to their logon credentials for cryptocurrency exchanges like Coinbase, Binance, Poloniex, Bittrex, Bitstamp, and MyEtherWallet.

There be gold in them cookies

The new malware was uncovered after examining the infamous OSX.DarthMiner which surfaced late last year.

“It sparked our interest as it was a new variant with additional functionality,” Jen Miller-Osborn, deputy director of threat intelligence at Unit 42, told Hard Fork.

It also attempts to steal passwords saved in Chrome, and text messages stored in iTunes backups. When all this information is in the hands of attackers, it’s quite easy for them to steal cryptocurrency from the victim’s exchange accounts.

Having a person’s login credentials usually isn’t enough to gain access to their account if they have 2FA enabled. However, if the hacker has their authentication cookies too, they can use these to make the login attempt appear as if it’s connected to a previously verified session. If so, the website won’t ask for the login attempt to be authenticated.

According to Miller-Osborn, this attack is indicative of old-school malware methods being tweaked for success in the cryptocurrency space.

“There are a lot of coinminers and other malware in the wild and targeting credentials or cookies stored in browsers is not new,” Miller-Osborn added. “Targeting all of these with apparent focus on gaining access to cryptocurrency exchanges and trying to avoid [multi-factor authentication] protections is newer.”

Sneaky sneaky

That’s not all. The malware also installs some coin mining software that uses the victim’s system to mine cryptocurrency without them knowing.

The crypto-jacking software, on the surface, takes a similar form to the XMRIG coin miner which usually mines Monero. But in this case, the miner is configured to mine Koto, a small-time Japanese cryptocurrency. Although Miller-Osborn clarified, “[t]here isn’t enough data to point to who is behind this or where they are located.”

Perhaps Koto was chosen as it’s a privacy coin and can be used to cover the attacker’s tracks. The fact it has ties with Japan might just be something else to try to throw digital forensic researchers off the trail.

Having your cryptocurrency stolen because of some purloined cookies can be avoided.

Miller-Osborn urges people to avoid ever saving credentials or credit card information within their browsers, as it’s a common attack vector for malware like this.

“They should also clear web browser caches regularly, particularly after logging into financial or other sensitive accounts. It’s quick and ensures the data is not within web browsers to steal,” she advised.

Source: TheNextWeb

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

Buy VPS With Bitcoin: The Top 10 List

In this article, we list the Best web hosting providers you can buy VPS with bitcoin. All...

5 of the Best Crypto Jobs Sites

The cryptocurrency and blockchain job market has exploded. With new blockchain start-ups and projects being founded at...

What’s the future of decentralized blockchains?

When Bitcoin was new and not valued at anything or just a few cents anyone could join...

My 5 favorite free crypto tools & sites I use daily

So I often get asked by friends, or people visiting my site about new tips for exciting...
- Advertisement -New macOS malware steals your cookies to swipe your cryptocurrency

Cryptocurrency is The Last Kingdom Where You Can Keep Your Data Private

Data privacy has been a hot topic for quite some time now and particularly after the popularity...

How To Travel With Bitcoin: 9 Travel Companies Accepting Bitcoin

Bitcoin travel is a reality, as several travel companies now accept payments in cryptocurrencies for their services.

Must read

Buy VPS With Bitcoin: The Top 10 List

In this article, we list the Best...

5 of the Best Crypto Jobs Sites

The cryptocurrency and blockchain job market has...
- Advertisement -

You might also likeRELATED
Recommended to you