search
HomeHardware TutorialHardware NewsA $500-a-month malware dubbed \'Cthulhu Stealer\' targets macOS users and steals sensitive data
A $500-a-month malware dubbed \'Cthulhu Stealer\' targets macOS users and steals sensitive dataAug 26, 2024 pm 09:35 PM
hackicloudmacosapplelaptoptestNotebookreviewreviewstestsreportsnetbookCthulhuMalware

A 0-a-month malware dubbed

A new information-stealing malware targeting Apple macOS users has been exposed by cybersecurity researchers. Referred to as "Cthulhu Stealer", it first became available as a malware-as-a-service (MaaS) offering for $500 per month in late 2023. MaaS lets individuals with limited technical skills engage in cyberattacks. Notable examples of MaaS platforms include Blackshades, Zeus, Nymaim, and Emotet, which have been used to launch various types of attacks, such as banking Trojans, botnets, and ransomware.

Cthulhu Stealer is a disguised Apple disk image (DMG) file that contains two binaries, depending on the system architecture. The malware is written in Golang and impersonates verified software/apps, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP.

Users who fall victim are prompted to enter their system password and MetaMask password. Cthulhu Stealer also harvests system information, iCloud Keychain passwords, web browser cookies, and Telegram account information. This stolen data is then compressed, stored in a ZIP archive file, and exfiltrated to a command-and-control (C2) server. C2 servers have often been used in the past to distribute malicious software. The SolarWinds 2020 CyberAttack is one such example, where the software supply chain of the tech company was compromised.

The malware mainly steals credentials and cryptocurrency wallet info from various online accounts. As per reports, the individuals responsible for developing and distributing Cthulhu Stealer are no longer active in the cybercrime landscape. This is likely due to internal disputes within their organization and accusations of fraudulent activities, leading to a permanent ban.

To protect themselves, users are advised to download software only from trusted sources, avoid installing unverified apps, and keep their systems up-to-date with the latest security updates. Apple has also announced plans to add additional security measures in macOS Sequoia to prevent users from easily overriding Gatekeeper protections.

A 0-a-month malware dubbed

The above is the detailed content of A $500-a-month malware dubbed \'Cthulhu Stealer\' targets macOS users and steals sensitive data. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Apple iPhone 16 Pro as Leica smartphone: Leica subsidiary confirms camera grip with official Leica appApple iPhone 16 Pro as Leica smartphone: Leica subsidiary confirms camera grip with official Leica appJun 13, 2024 pm 08:52 PM

LeicareleasedtheLeicaLuxcameraappfortheAppleiPhoneafewdaysago.However,theappwasnotdevelopedbyLeica,butbyFjorden.ThecompanyhasbeenknownprimarilyforitscameragripsfortheiPhoneandwasacquiredbyLeicainDecember2023.Fo

Remote 3 universal remote control comes with touchscreen, but without subscription or server obligationRemote 3 universal remote control comes with touchscreen, but without subscription or server obligationJun 14, 2024 am 09:13 AM

SincethedemiseofLogitech'spopularHarmonyremotecontrols,themarketforhigh-qualityuniversalremotecontrolshasbeenfragmentedatbest.UnfoldedCircleaimstoavoidthefateoftheHarmonyUltimatebyeliminatinganyserverobligationsorsubs

Samsung Galaxy S24 Ultra gains E Ink secondary display via inventive protective caseSamsung Galaxy S24 Ultra gains E Ink secondary display via inventive protective caseJun 14, 2024 am 10:44 AM

Anintriguingthird-partycasefortheGalaxyS24Ultra(curr.$1,099.99onAmazon)hasappearedonmarketplaceslikeAliExpress.Astheimagesthroughoutthisarticleshow,thecasehasasimplesiliconeconstruction.However,italsocontainsanEInkd

Light Phone 3 launches with 50% discount, monochrome OLED and minimalist designLight Phone 3 launches with 50% discount, monochrome OLED and minimalist designJun 13, 2024 pm 10:18 PM

WhiletheLightPhone2from2018wasstillequippedwithaneconomicale-inkdisplay,theLightPhone3usesanOLEDdisplaythatcanonlydisplaygrayscale.Thereasonfortheswitchtothe3.92-inchOLEDpanelwithitsresolutionof1,240x1,080isth

Electric Ferraris will boast an \'authentic\' growl, claims marketing executiveElectric Ferraris will boast an \'authentic\' growl, claims marketing executiveJun 14, 2024 am 10:26 AM

In2012,theeminentautomotivejournalistJeremyClarksonstatedthattheLamborghiniAventador,whichhewasreviewingatthetime,wouldbeamongthelastcarstofeatureanaturallyaspiratedV12.Morethanadecadelater,V12-poweredsupercarsareal

Jabra discontinues Elite wireless earbuds lineupJabra discontinues Elite wireless earbuds lineupJun 14, 2024 am 09:39 AM

TheJabraEliteserieshascometoanend,withGNCEOPeterKarlstromerannouncingthediscontinuationofthewirelessearbudswithinthelineupinapressrelease.Petersaysthatthechangingmarketdynamicsandhowchallengingithasbecometogetas

Audio-Technica unveils ATH-S300BT wireless headphones with hear-through noise-cancellation, 90 hours battery life, and multipoint pairingAudio-Technica unveils ATH-S300BT wireless headphones with hear-through noise-cancellation, 90 hours battery life, and multipoint pairingJun 14, 2024 am 09:46 AM

Audio-TechnicahasunveiledtheATH-S300BTwirelessheadphoneswithhear-throughnoise-cancellation,multipointpairing,and90hoursofbatterylife.Thenoise-cancellingfeaturehasthreemodes:off,on,andhear-through,whereambientsoundscanbehea

First complete PCIe 7.0 IP solution presented by Synopsys coming to market in 2025 for HPCs and AI supercomputersFirst complete PCIe 7.0 IP solution presented by Synopsys coming to market in 2025 for HPCs and AI supercomputersJun 14, 2024 am 09:19 AM

Backin2022,whenPCIe7.0wasstartingtotakeshapeasafuturestandard,PCIe5.0wasjusthittingtheservermarketsandtheprospectofseeingPCIe6.0devicesavailableanytimesoon,letalonePCIe7.0ones,wasquitefar-fetched.CurrentlyPCIe5

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

Safe Exam Browser

Safe Exam Browser

Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),