in

New MacOS Exploit Steals Login Credentials and ‘Cryptojacks’

A new exploit for the MacOS operating system targets users’ browsing history in order to gain access to cryptoasset exchanges, cybersecurity researchers at Malwarebytes.com have found.

The exploit, named CookieMiner, targets the Safari browser to collects users’ cookie files, which are used to display false familiarity to websites. The cookie files are presented with other user credentials in order to gain access to users’ accounts – whereas otherwise most well-secured websites would ask the user to confirm a new device or location.

But CookieMiner also targets the Chrome browser. The exploit detects when credit card information is being entered and attempts to steal details, as well as login credentials and other useful information.

Users who sync their iPhones with their Macs can also be in trouble, as CookieMiner can steal text messages backed up to the computer. All of the above information is uploaded to a server controlled by the attackers.

If all this wasn’t enough, CookieMiner includes so-called “cryptojacking” mining functions. The exploit harnesses the victim’s computer’s CPU power to mine a (very) little-known cryptocurrency called Koto, a fork of ZCash (ZEC). The Monero (XMR) privacy currency is the more typical candidate for such operations, and the malicious file itself is even called “xmrig2,” perhaps in an attempt at misinformation.

Don’t Sail the High Seas

Malwarebytes found CookieMiner in a fake version of pirated software – specifically, a pirated piece of Adobe software called Zii which is the first step to gaining access to other pirated Adobe programs such as Photoshop and Illustrator.

Cybersecurity firm Kaspersky recently issued a report finding that such cryptojacking attacks are again on the rise, in lieu of ransomware attacks. What’s more, this is not even the first time that Adobe software has been singled out as an attack vector – as CryptoGlobe reported a few months ago, fake Flash updates had been used to inject Monero mining software onto users’ machines.

This post was created with our nice and easy submission form. Create your post!

Leave a Reply

Please Login to comment
  Subscribe  
Notify of

Loading…

0

Comments

0 comments

What do you think?

0 points
Upvote Downvote
How Fox News Pushes Trump to Make Every Bad Decision

How Fox News Pushes Trump to Make Every Bad Decision

Democrat Governor Ralph Northam of Virginia just stated, “I believe that I am not either of the people in that photo.” This was 24 hours after apologizing for appearing in the picture and after making the most horrible statement on “super” late term abortion. Unforgivable!