New macOS Malware Masquerades as Apps to Steal Passwords and Data

(Image credit: solarseven/Shutterstock)

Although hackers don't attack Apple Macs as frequently as they do Windows PCs, they are nonetheless vulnerable. Malware known as "Cthulhu Stealer" was recently discovered by security experts. It poses as well-known programs in order to collect passwords and steal data from macOS users.

The Hacker News was the first to report that Cado Security issued a public alert this week on Cthulhu Stealer, a malware-as-a-service that targets macOS users and has been offered since late 2023 for $500 per month. Tara Gould, a researcher at Cado Security, stated, "The malware is written in Golang and disguises itself as legitimate software."

To trick people into downloading it, it has masqueraded as well-known software such as CleanMyMac, Grand Theft Auto IV, or Adobe GenP, an open-source utility that some Adobe users run to avoid paying for a Creative Cloud subscription. It is packaged as a disk image (DMG) file containing two binaries, so it can run on both Intel and Apple Silicon Macs, launching whichever one matches the architecture it detects.

When the user tries to open the phony app, Gatekeeper, a built-in security feature of macOS, warns that the program is unsigned. If the user overrides that warning and lets it run, the malware shows a prompt that looks authentic, asking first for the system password and then for the MetaMask cryptocurrency wallet password. Once it has the rights it needs, Cthulhu Stealer can steal a range of sensitive data, such as web browser cookies, Telegram account information, and passwords saved in iCloud Keychain.

"The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including game accounts," Gould said.

This technique of using osascript to display a fake password prompt has been seen before in infostealers such as Atomic Stealer, Cuckoo, MacStealer, and Banshee Stealer. So even though Cthulhu Stealer isn't the most advanced malware around, Mac users who fall for the trick still face serious harm.
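As an added example (not code from the article or from Cado Security), here is a small Python detector for the fake-prompt pattern described above. It scans constructed process-execution log lines (the log format and all sample values are assumptions) for osascript launching a password-style dialog, which in AppleScript uses the `with hidden answer` keyword to mask the typed text, and raises the score when the prompt mentions a password or wallet or when the parent binary runs from a mounted DMG under /Volumes.

```python
import re

# Constructed sample lines (not from the article), one process execution per line:
# "<timestamp> user=<user> parent=<parent binary> cmd=<command line>"
SAMPLE_LOG = """\
2024-08-22T10:01:03Z user=alice parent=/Volumes/CleanMyMac/CleanMyMac cmd=osascript -e 'display dialog "macOS wants to make changes. Enter your password." default answer "" with title "System Preferences" with icon caution with hidden answer'
2024-08-22T10:01:09Z user=alice parent=/Volumes/CleanMyMac/CleanMyMac cmd=osascript -e 'display dialog "Enter your MetaMask password" default answer "" with hidden answer'
2024-08-22T10:02:11Z user=alice parent=/Applications/Safari.app/Contents/MacOS/Safari cmd=osascript -e 'display notification "Download complete"'
2024-08-22T10:03:40Z user=bob parent=/usr/bin/python3 cmd=osascript -e 'tell application "Finder" to empty trash'
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) parent=(?P<parent>\S+) cmd=(?P<cmd>.*)$")
# AppleScript's password-style prompt: a dialog whose text field masks what is typed.
HIDDEN_PROMPT_RE = re.compile(r"display dialog.*with hidden answer", re.I)
# Words a credential-harvesting prompt typically uses (the article: system password, MetaMask).
LURE_RE = re.compile(r"password|metamask|wallet|keychain", re.I)


def score_event(parent: str, cmd: str) -> tuple[int, list[str]]:
    """Return (score, reasons) for one process execution; score 0 means not suspicious."""
    reasons: list[str] = []
    if not cmd.startswith("osascript") or not HIDDEN_PROMPT_RE.search(cmd):
        return 0, reasons
    reasons.append("osascript dialog with hidden (masked) answer")
    if LURE_RE.search(cmd):
        reasons.append("prompt text asks for a password or wallet secret")
    # Apps run straight from a mounted disk image live under /Volumes/<image name>/
    if parent.startswith("/Volumes/"):
        reasons.append("parent process runs from a mounted DMG")
    return len(reasons), reasons


def detect(log: str) -> list[dict]:
    """Scan log text and return the suspicious osascript events, highest score first."""
    hits = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        score, reasons = score_event(m["parent"], m["cmd"])
        if score:
            hits.append({"ts": m["ts"], "user": m["user"], "parent": m["parent"],
                         "score": score, "reasons": reasons})
    return sorted(hits, key=lambda h: h["score"], reverse=True)


if __name__ == "__main__":
    for hit in detect(SAMPLE_LOG):
        print(hit["ts"], hit["user"], hit["score"], "; ".join(hit["reasons"]))
```

Only the two prompts launched from the mounted image are flagged; the Finder script and the plain notification score 0 because they never open a masked-input dialog.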

How to stay safe from Mac malware

So what can you do to keep malware such as Cthulhu Stealer off your Mac? Above all, be careful about the apps you download, and make sure the source you're getting an app from really is who it claims to be. XProtect, the built-in malware protection in macOS, is a good baseline, but you should still run one of the top Mac antivirus programs alongside it. Paid antivirus software is updated more frequently and often includes a password manager or VPN to keep you safer online.

Apple is also making it harder to get around Gatekeeper in macOS Sequoia, which is expected to launch in mid-September. Instead of Control-clicking to dismiss a Gatekeeper alert, users will need to go to System Settings to approve running an unsigned application. Hopefully, the inconvenience of that extra step will be enough to make users pause before executing potentially hazardous programs.
