Mac Cryptocurrency Traders Targeted by Trojanized Apps

2020-07-20 16:31

Mac users are being targeted by trojanized cryptocurrency trading apps, which once downloaded actually drain victims' cryptocurrency wallets, researchers warn.

The actors behind the campaign used websites that copy Kattana's legitimate website to convince unwitting cryptocurrency enthusiasts to download the fake apps.

Once downloaded, the trojanized apps in question deploy malware called GMERA to collect victims' browser information, access and drain their cryptocurrency wallets and take screenshots of their devices.

GMERA was previously uncovered by researchers with Trend Micro, who in September 2019 said the malware was being spread via trojanized cryptocurrency apps in a separate campaign, leveraging malicious versions of the trading app Stockfolio.

Researchers believe that's because Catalina added a feature where recording the screen or taking a screenshot must be approved by the user for each application - which would be a red flag to the Mac user.

News URL

https://threatpost.com/mac-cryptocurrency-traders-targeted-by-trojanized-apps/157557/

#cryptocurrency #MAC