Topic: New macOS backdoor stealing crypto wallets (Bitcoin Core and Exodus) (Read 108 times)

hero member
Activity: 1470
Merit: 755
MacOS and OS are known for their strong privacy, so many people are willing to spend thousands of dollars to be able to use products from the Apple company.
I do not guarantee that any device connected to the internet will be 100% safe, including macOS or OS products from the Apple company to other software from other large and well-known companies.

A popular sentence for me is Crime can occur anywhere, anytime and anywhere based on the perpetrator's intentions.
tyz
legendary
Activity: 3346
Merit: 1530
When we thought that MacOS is safe from crypto malwares, a new discovery says that this is not the case.


macOS is relatively safe compared to other operating systems. In this case, the user has to give permission twice, meaning that the user has to confirm two security measures for the malware to work at all. An OS cannot completely protect itself from a user's own errors. When you download the software, you will receive a message that the software was created by an unverified developer and you have to manually give permission to start it in the settings. You then have to give a second permission for network access so that the malware can ultimately reach your C2.
legendary
Activity: 3192
Merit: 1198


What do we learn here?

Never ever download fake or pirated software. You already have a powerful machine in your hand and you have, like, shelled out thousands of dollars already, so why not just buy original software so as not to compromise your expensive MacOS.

https://securelist.com/new-macos-backdoor-crypto-stealer/111778/
Safety begins with you, you cannot become a Cryptocurrency holder and investor if you are not educated enough on how to secure your machine, you are your bank, and no one can protect you but you alone, you protect your machine you protect your investment.
So read a lot, get updated on the latest security, and practice securing your machine.
It's attractive to download software that costs a fraction of the original; hackers will entice you to do that so they can control your machine, so do the right thing and save your investment.
member
Activity: 938
Merit: 13
I always have a personal conviction that if some third-party program asks for some kind of permission to access it, and even more so for a password from the system, it is almost always a virus. I consider this the most important indicator for identifying a virus program on your device.
full member
Activity: 280
Merit: 203
If I am to rate OS I will place Linux ahead of MAC and Windows although MAC also edges Windows in terms of catching malware, but still none of them is counter proof against catching malware just like you have stated it depends on how we use our device. Some people think that things like having antivirus will actually protect against fake software downloads and it doesn’t sometimes, some malware are not even detected by anti viruses

Then as a cryptocurrency holder you shouldn’t be having your funds on hot devices not to talk of using same device for storing your crypto wallet and for personal use
Linux isn't their mate in terms of security and even performance; it edges both of them, and Windows is the least.

You also need to understand that original OS software isn't that porous and offers higher malware detection than pirated ones, so in my guess, that's pirated Mac OS software in the image and pirated software too, that's double tragedy.

Anti-viruses have different types and modes; there are stronger ones and weaker ones. To worsen the issue, most people use free mode and they're limited in protection. Paid services help increase the features offered by any software in general.
hero member
Activity: 2618
Merit: 832
According to this report in 2022,

Quote
The report says that when it comes to the percentage of malware by OS, 54.4% of it was found on Windows, 39.4% was on Linux, and 6.2% was on macOS. For the malware found on macOS, Elastic found that almost 50% of it came from just one source, MacKeeper.

https://appleworld.today/percentage-of-malware-on-macos-6-2-compared-to-54-on-windows-and-39-4-on-linux/

So I do agree that everything is under attack, that no OS is safe from this cyber threat and any group that is roaming around, especially in the world that we live in right now. This could be a new trend or it's that Windows is still the primary target for them as it's easy to write and authored malware released them in the wild right away in just a matter of days.
legendary
Activity: 2842
Merit: 7333


So once you give them permission, it will execute a program and then will communicate to their C2 (command and control), to download a script.

It's similar to running an application as administrator (on Windows) or giving root access to an application (on Linux). So it could be avoided if the user is skeptical. Even the pirate community should have a reputation system to know which files are more or less likely to be dangerous.

What do we learn here?

Never ever download fake or pirated software. You already have a powerful machine in your hand and you have, like, shelled out thousands of dollars already, so why not just buy original software so as not to compromise your expensive MacOS.

FWIW few people buy used or old macbook either due to work demand or lifestyle.
mk4
legendary
Activity: 2716
Merit: 3817
It's just weird that they seem to be fixated on Bitcoin Core and Exodus? Or it is just easy for them to write the code and look for this wallet?
My assumption is that noobs tend to use convenient one-for-all wallets like Exodus. I'm not sure if Exodus can even natively connect to Ethereum/EVM DeFi protocols.

Everything has to start from something, and for those newly user of macOS, this doesn't look good. If I'm not mistaken, softwares for macOS are very expensive and probably this is the reason from this authors to write malwares that targeted macOS users now and then gamble that someone can fall for their trick and steal our hard-earned cryptocurrencies in our online wallet.
Malware doesn't look good for MacOS users just as how it doesn't look good for Windows/Linux/Android/iOS users.
hero member
Activity: 2814
Merit: 574
It's just weird that they seem to be fixated on Bitcoin Core and Exodus? Or it is just easy for them to write the code and look for this wallet? Or this is just the beginning for the author of this malware and see how it's going to be easy for them and most likely include all other wallets like Electrum and Metamask and others that most of the crypto enthusiasts are using? Everything has to start from something, and for those newly user of macOS, this doesn't look good. If I'm not mistaken, softwares for macOS are very expensive and probably this is the reason from this authors to write malwares that targeted macOS users now and then gamble that someone can fall for their trick and steal our hard-earned cryptocurrencies in our online wallet.

mk4
legendary
Activity: 2716
Merit: 3817
No operating system is 100% safe anyway, not even the security and privacy-focused Linux operating systems. Downloaded and installed malicious software? There will always be a chance that your device will be infected, regardless of how much safeguards your OS has.
hero member
Activity: 1260
Merit: 515
I remember we had a discussion about this on your other thread, as to how macOS is not that affected by the malware. But now it seems that at least variants of it are being found and threat actors are creating them to attack macOS users.

And if this spreads through pirated and cracked software, as crypto users, we should avoid this kind of website and not think of downloading any fake software just to save money. We should think of our security, thus this is a practice that everyone should be avoiding.
hero member
Activity: 672
Merit: 855
If I am to rate OS I will place Linux ahead of MAC and Windows although MAC also edges Windows in terms of catching malwares, but still none of them is counter proof against catching malwares just like you have stated it depends on how we use our device. Some people think that things like having antivirus will actually protect against fake software downloads and it doesn’t sometimes, some malwares are not even detected by antiviruses

Then as a cryptocurrency holder you shouldn’t be having your funds on hot devices not to talk of using same device for storing your crypto wallet and for personal use
hero member
Activity: 2842
Merit: 772
When we thought that MacOS is safe from crypto malwares, a new discovery says that this is not the case. Although the malware itself only targets newer versions of the operating system, still, for us crypto enthusiasts, this is very dangerous. The mode of infection is that if the user downloaded a cracked or fake Apple software, then you will be directed to this, a bogus Activator window that asks for the administrator password.



So once you give them permission, it will execute a program and then will communicate to their C2 (command and control), to download a script.

And this script checks for the presence of Bitcoin Core and Exodus wallet (so far only these two wallets) in your machine. It will then send everything to the criminals' C2 server, including seed, mnemonic phrase, your balance, password, and once they have the data, they will obviously drain your wallet.

What do we learn here?

Never ever download fake or pirated software. You already have a powerful machine in your hand and you have, like, shelled out thousands of dollars already, so why not just buy original software so as not to compromise your expensive MacOS.

https://securelist.com/new-macos-backdoor-crypto-stealer/111778/