Kaspersky warns of malicious exploits targeting your crypto wallet
Cybersecurity firm Kaspersky has reported a confirmed macOS exploit targeting the latest version of the operating system, urging Apple users to remain vigilant.
The exploit is designed to trick Bitcoin and Exodus wallet users into unwittingly downloading a fraudulent version of the software.
Crypto-stealing malware targets macOS users
Kaspersky notes that this malware, distributed through pirated applications, is unusual in that it focuses on compromising wallet applications. It stands out from the usual proxy trojans or remote control software in two ways.
First, it uses DNS records to serve a malicious Python script. Second, instead of stealing crypto wallets, it replaces the wallet app with a compromised version. This allows the malware to steal a passphrase to access cryptocurrency stored in hacked wallets.
Our experts review cracked software that exploits the new #MacOS backdoor, targeting #Bitcoin and #Exchange wallets. This malicious software replaces the wallet with #malware, which deploys powerful background running scripts with administrator privileges.
Full report ⇒ pic.twitter.com/L2cmPMDb8N
— Kaspersky (@kaspersky) January 23, 2024
The malware is designed to target macOS versions 13.6 and above, on both Intel and Apple Silicon devices. Kaspersky highlights the attackers' creativity in hiding a Python script in a DNS server record, which makes the malware harder to spot in network traffic.
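Because the script arrives inside a DNS record, DNS answers themselves are worth inspecting. The sketch below is an added example, not code from Kaspersky or from the article: it scans a resolver log for TXT answers that consist entirely of one long base64 blob decoding to high-entropy bytes. The TXT record type, the log format, the thresholds and all sample lines are assumptions constructed for illustration.

```python
import base64
import binascii
import hashlib
import math
import re
from collections import Counter

B64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")
MIN_LEN = 100      # assumed threshold: verification tokens are usually shorter
MIN_ENTROPY = 5.0  # assumed threshold, in bits per decoded byte

# Constructed stand-in for an encoded payload: 128 pseudo-random bytes in base64.
BLOB = base64.b64encode(
    b"".join(hashlib.sha256(bytes([i])).digest() for i in range(4))).decode()

# Constructed resolver log, one answer per line: client qname qtype rdata (format assumed).
SAMPLE_LOG = "\n".join([
    "10.0.0.5 example.com TXT v=spf1 include:_spf.example.com ~all",
    "10.0.0.5 sel._domainkey.example.com TXT v=DKIM1; k=rsa; p=" + BLOB,
    "10.0.0.7 example.net TXT site-verification=constructed-token-0001",
    "10.0.0.9 r1.updates.example TXT " + BLOB,
    "10.0.0.9 www.example.org A 192.0.2.10",
])

def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte."""
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def is_suspicious_txt(rdata: str) -> bool:
    """True when the whole TXT value is one long base64 blob with high-entropy content."""
    rdata = rdata.replace('" "', "").strip('"')  # join multi-string TXT data
    if len(rdata) < MIN_LEN or not B64_RE.fullmatch(rdata):
        return False  # SPF, DKIM and verification records fail the full match
    try:
        decoded = base64.b64decode(rdata, validate=True)
    except (binascii.Error, ValueError):
        return False
    return byte_entropy(decoded) >= MIN_ENTROPY

def flag_queries(log: str) -> list[tuple[str, str]]:
    """Return (client, qname) for each TXT answer that looks like an encoded payload."""
    hits = []
    for line in log.splitlines():
        client, qname, qtype, *rest = line.split(" ", 3)
        if qtype == "TXT" and rest and is_suspicious_txt(rest[0]):
            hits.append((client, qname))
    return hits

if __name__ == "__main__":
    print(flag_queries(SAMPLE_LOG))
```

A hit is a lead for triage rather than a verdict: some legitimate services publish opaque TXT data, so correlate with the client process that made the query.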
Security researcher Sergey Puzan from Kaspersky advises users with cryptocurrency wallets to be more careful. Kaspersky recommends that users take precautions to protect their digital investments, such as updating their computer's operating system, installing anti-malware software, and downloading apps only from official stores such as the Apple App Store.
While these measures increase security, it's important to note that even hardware wallets aren't foolproof. Separately, 16.8 bitcoins (approximately $587,238) were stolen after a fake Ledger cryptocurrency wallet management app was downloaded from the Microsoft App Store in November.
Crypto wallet in danger
Malware targeting crypto wallets continues to pose a threat, with recent incidents potentially exposing users to vulnerabilities and financial losses. Since November, more than $4 million has been stolen from Solana's network through scams and fake airdrops.
Additionally, hackers linked to North Korea's Lazarus Group reportedly stole more than $35 million in cryptocurrencies such as USDT, XRP, Cardano, and Dogecoin from Atomic Wallet users. Meanwhile, Kaspersky's report raised particular concerns for wallet providers like Exodus, Coinbase and MetaMask, which hackers have previously targeted.
Exodus Wallet CEO JP Richardson emphasized the company's commitment to customer security, conducting comprehensive code audits to identify and prevent potential threats. Despite these efforts, Richardson recommends users use a hardware wallet for an extra layer of security.