A $500-a-month malware dubbed \'Cthulhu Stealer\' targets macOS users and steals sensitive data-Hardware News-php.cn

Home

Hardware Tutorial

Hardware News

A $500-a-month malware dubbed \'Cthulhu Stealer\' targets macOS users and steals sensitive data

王林

Aug 26, 2024 pm 09:35 PM

hackicloudmacosapplelaptoptestNotebookreviewreviewstestsreportsnetbookCthulhuMalware

A 0-a-month malware dubbed

A new information-stealing malware targeting Apple macOS users has been exposed by cybersecurity researchers. Referred to as "Cthulhu Stealer", it first became available as a malware-as-a-service (MaaS) offering for $500 per month in late 2023. MaaS lets individuals with limited technical skills engage in cyberattacks. Notable examples of MaaS platforms include Blackshades, Zeus, Nymaim, and Emotet, which have been used to launch various types of attacks, such as banking Trojans, botnets, and ransomware.

Cthulhu Stealer is a disguised Apple disk image (DMG) file that contains two binaries, depending on the system architecture. The malware is written in Golang and impersonates verified software/apps, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP.

Users who fall victim are prompted to enter their system password and MetaMask password. Cthulhu Stealer also harvests system information, iCloud Keychain passwords, web browser cookies, and Telegram account information. This stolen data is then compressed, stored in a ZIP archive file, and exfiltrated to a command-and-control (C2) server. C2 servers have often been used in the past to distribute malicious software. The SolarWinds 2020 CyberAttack is one such example, where the software supply chain of the tech company was compromised.

The malware mainly steals credentials and cryptocurrency wallet info from various online accounts. As per reports, the individuals responsible for developing and distributing Cthulhu Stealer are no longer active in the cybercrime landscape. This is likely due to internal disputes within their organization and accusations of fraudulent activities, leading to a permanent ban.

To protect themselves, users are advised to download software only from trusted sources, avoid installing unverified apps, and keep their systems up-to-date with the latest security updates. Apple has also announced plans to add additional security measures in macOS Sequoia to prevent users from easily overriding Gatekeeper protections.

A 0-a-month malware dubbed

The above is the detailed content of A $500-a-month malware dubbed \'Cthulhu Stealer\' targets macOS users and steals sensitive data. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Apple iPhone 16 Pro as Leica smartphone: Leica subsidiary confirms camera grip with official Leica appJun 13, 2024 pm 08:52 PM

LeicareleasedtheLeicaLuxcameraappfortheAppleiPhoneafewdaysago.However,theappwasnotdevelopedbyLeica,butbyFjorden.ThecompanyhasbeenknownprimarilyforitscameragripsfortheiPhoneandwasacquiredbyLeicainDecember2023.Fo

Remote 3 universal remote control comes with touchscreen, but without subscription or server obligationJun 14, 2024 am 09:13 AM

SincethedemiseofLogitech'spopularHarmonyremotecontrols,themarketforhigh-qualityuniversalremotecontrolshasbeenfragmentedatbest.UnfoldedCircleaimstoavoidthefateoftheHarmonyUltimatebyeliminatinganyserverobligationsorsubs

Samsung Galaxy S24 Ultra gains E Ink secondary display via inventive protective caseJun 14, 2024 am 10:44 AM

Anintriguingthird-partycasefortheGalaxyS24Ultra(curr.$1,099.99onAmazon)hasappearedonmarketplaceslikeAliExpress.Astheimagesthroughoutthisarticleshow,thecasehasasimplesiliconeconstruction.However,italsocontainsanEInkd

Light Phone 3 launches with 50% discount, monochrome OLED and minimalist designJun 13, 2024 pm 10:18 PM

WhiletheLightPhone2from2018wasstillequippedwithaneconomicale-inkdisplay,theLightPhone3usesanOLEDdisplaythatcanonlydisplaygrayscale.Thereasonfortheswitchtothe3.92-inchOLEDpanelwithitsresolutionof1,240x1,080isth

$Electric Ferraris will boast an \'authentic\' growl, claims marketing executive$ Electric Ferraris will boast an \'authentic\' growl, claims marketing executiveJun 14, 2024 am 10:26 AM

In2012,theeminentautomotivejournalistJeremyClarksonstatedthattheLamborghiniAventador,whichhewasreviewingatthetime,wouldbeamongthelastcarstofeatureanaturallyaspiratedV12.Morethanadecadelater,V12-poweredsupercarsareal

Jabra discontinues Elite wireless earbuds lineupJun 14, 2024 am 09:39 AM

TheJabraEliteserieshascometoanend,withGNCEOPeterKarlstromerannouncingthediscontinuationofthewirelessearbudswithinthelineupinapressrelease.Petersaysthatthechangingmarketdynamicsandhowchallengingithasbecometogetas

Audio-Technica unveils ATH-S300BT wireless headphones with hear-through noise-cancellation, 90 hours battery life, and multipoint pairingJun 14, 2024 am 09:46 AM

Audio-TechnicahasunveiledtheATH-S300BTwirelessheadphoneswithhear-throughnoise-cancellation,multipointpairing,and90hoursofbatterylife.Thenoise-cancellingfeaturehasthreemodes:off,on,andhear-through,whereambientsoundscanbehea

First complete PCIe 7.0 IP solution presented by Synopsys coming to market in 2025 for HPCs and AI supercomputersJun 14, 2024 am 09:19 AM

Backin2022,whenPCIe7.0wasstartingtotakeshapeasafuturestandard,PCIe5.0wasjusthittingtheservermarketsandtheprospectofseeingPCIe6.0devicesavailableanytimesoon,letalonePCIe7.0ones,wasquitefar-fetched.CurrentlyPCIe5

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Repo: How To Revive Teammates

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hello Kitty Island Adventure: How To Get Giant Seeds

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

How Long Does It Take To Beat Split Fiction?

3 weeks agoByDDD

R.E.P.O. Save File Location: Where Is It & How to Protect It?

3 weeks agoByDDD

Hot Tools

Dreamweaver CS6

Visual web development tools

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

Safe Exam Browser

Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

Hot Topics

Where is the login entrance for gmail email?

7331

1627

1351

1262

1209