🚀 Eastern European Hackers Target macOS with Malware
#EasternEuropeanHackers #macOS #Malware #CyberSecurity #DataStealing #PasswordTheft #Keychain #WalletSecurity #BruteForceAttack #CryptoTheft
According to Odaily, SlowMist founder Yu Jian has reported that Eastern European hackers have recently released malware targeting macOS systems. Once executed, this malware automatically steals cookies, autofill information, password data, and locally encrypted mnemonic/private key files from browser extensions. Additionally, it can access information stored in the macOS Keychain, which often includes various passwords and other sensitive data.
Yu Jian explained that based on past emergency cases, whether on macOS or Windows, the attacker's steps are generally as follows: First, they decrypt the locally encrypted mnemonic/private key files from the wallet extensions. Some passwords are readily available locally, while others are obtained through brute force attacks. Consequently, some users' wallet assets are stolen days after the initial infection. If the target wallet's assets are minimal, the malware remains dormant until there are sufficient funds to steal.
Secondly, the malware compromises browser-stored account credentials, including those for platforms like X and various trading platforms. Lastly, it targets communication apps such as Telegram and Discord. Therefore, if infected, it is crucial to prioritize securing these accounts before performing antivirus scans or reinstalling the operating system to restore the system.#EasternEuropeanHackers #macOS #Malware #CyberSecurity #DataStealing #PasswordTheft #Keychain #WalletSecurity #BruteForceAttack #CryptoTheft
🚀 Malware Targets MacOS Users Through Fake Video Conferencing Apps
#windows #macos #malware #videoconferencing #cybersecurity #AI #cryptocurrency #dataprotection #passwordsecurity #Keychain #browsersecurity
According to PANews, researchers have identified a malware attack targeting macOS users that has been active for four months. The attack involves malware disguised as a video conferencing application, which steals passwords from the Keychain, session cookies from browsers like Google Chrome, Brave, and Opera, as well as cryptocurrency wallet information.
Tara Gould from Cado Security Labs revealed that attackers are using AI-generated content to create fake websites and social media accounts, posing as reputable companies. Victims are often approached through platforms like Telegram, discussing blockchain or cryptocurrency business opportunities. Once the file is installed, users are prompted to enter their macOS password, allowing further data theft.
Security experts advise users to remain vigilant, especially regarding unfamiliar links related to business opportunities. Utilizing protective tools such as Intego VirusBarrier can effectively defend against such threats.#windows #macos #malware #videoconferencing #cybersecurity #AI #cryptocurrency #dataprotection #passwordsecurity #Keychain #browsersecurity