


A $500-a-month malware dubbed 'Cthulhu Stealer' targets macOS users and steals sensitive data
A new information-stealing malware targeting Apple macOS users has been exposed by cybersecurity researchers. Referred to as "Cthulhu Stealer", it first became available as a malware-as-a-service (MaaS) offering for $500 per month in late 2023. MaaS lets individuals with limited technical skills engage in cyberattacks. Notable examples of MaaS platforms include Blackshades, Zeus, Nymaim, and Emotet, which have been used to launch various types of attacks, such as banking Trojans, botnets, and ransomware.
Cthulhu Stealer is distributed as a disguised Apple disk image (DMG) file that contains two binaries, depending on the system architecture. The malware is written in Golang and impersonates verified software and apps, such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP.
Users who fall victim are prompted to enter their system password and MetaMask password. Cthulhu Stealer also harvests system information, iCloud Keychain passwords, web browser cookies, and Telegram account information. This stolen data is then compressed, stored in a ZIP archive file, and exfiltrated to a command-and-control (C2) server. C2 servers have often been used in the past to distribute malicious software. The 2020 SolarWinds cyberattack is one such example, where the software supply chain of the tech company was compromised.
The malware mainly steals credentials and cryptocurrency wallet information from various online accounts. According to reports, the individuals responsible for developing and distributing Cthulhu Stealer are no longer active in the cybercrime landscape. This is likely due to internal disputes within their organization and accusations of fraudulent activities, leading to a permanent ban.
To protect themselves, users are advised to download software only from trusted sources, avoid installing unverified apps, and keep their systems up to date with the latest security updates. Apple has also announced plans to add further security measures in macOS Sequoia to prevent users from easily overriding Gatekeeper protections.