A malware was recently discovered which would steal browser cookies and other information from victims’ Apple Mac computers in order to steal cryptocurrencies.
Researchers at cybersecurity firm Palo Alto Networks published a report which stated that the malware, which is known as “CookieMiner,” intercepted browser cookies which were related to cryptocurrency exchanges and wallet service providers’ websites that were by the victims. The malicious code targeted exchanges which included Binance, Coinbase, Poloniex, Bittrex, Bitstamp and MyEtherWallet, and any website which had “blockchain” in their domain name.
It also tried to steal credit card information from issuers like Visa, Mastercard, American Express and Discover, in addition to the saved usernames and passwords from Chrome, iPhone text messages which had been backed up to iTunes and crypto wallet keys.
If hackers were successful in stealing such details, they could gain full access to victims’ crypto exchange and wallet accounts and steal funds as well.
The researchers explained thus- “CookieMiner will try and navigate past the authentication process since it steals a combination of the login credentials, text messages, and web cookies.”
The malware has another attribute too, it changes the victim’s system configuration and maliciously loads the crypto mining software. The coinminer works in a way similar to another variant which mines monero, but targets a lesser-known cryptocurrency such as Koto.
The researchers went on to suggest that cryptocurrency users should always keep an eye on their security settings and digital assets which would prevent data compromise and leakage. They also said that the Cookieminer checks whether or not an application has the firewall program called Little Snitch which runs on the victim’s computer. If the program is running, it will stop and exit,”
Monero has been the most popular cryptocurrency among hacker. Last month, a study by college researchers suggested that the hackers have mined about 5 percent of the total monero in circulation.
Crypto-mining malware have been rapidly deployed. A study from McAfee, which had been published in December, indicated that there were about 4 million new mining malware threats which came out in the third quarter of 2018 alone, in comparison to less than 500,000 in 2017 as well as in 2016.