Cthulhu Stealer: New macOS Malware at $500 per Month Drains Sensitive Data

### New Malware Targeting macOS Users: “Cthulhu Stealer” Explored

Cybersecurity researchers have recently identified a new information-stealing malware specifically targeting Apple macOS users. Known as “Cthulhu Stealer,” this malware became available as a malware-as-a-service (MaaS) offering for $500 per month in late 2023. This MaaS model allows individuals with minimal technical expertise to engage in cyberattacks.

### How Cthulhu Stealer Operates

Cthulhu Stealer disguises itself as an Apple disk image (DMG) file, containing two binaries tailored to different system architectures. Written in Golang, the malware masquerades as legitimate, verified software applications such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP. Upon installation, victims are prompted to enter their system and MetaMask passwords.
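Added example (not from the original article or from the researchers' tooling): when triaging files extracted from a suspicious disk image, the two traits described above, per-architecture Mach-O binaries and a Go toolchain, can be read directly from the file bytes. The function names and the sample byte strings are constructed for illustration; the Go marker identifies the compiler only and is not a verdict on the file.

```python
import struct

# Mach-O constants from <mach-o/loader.h> and <mach-o/fat.h>
MH_MAGIC_64 = 0xFEEDFACF      # thin 64-bit Mach-O, stored little-endian on disk
FAT_MAGIC = 0xCAFEBABE        # universal (fat) header, stored big-endian
CPU_NAMES = {0x01000007: "x86_64", 0x0100000C: "arm64"}
GO_BUILDINFO = b"\xff Go buildinf:"   # marker the Go linker embeds in its binaries


def macho_arches(data: bytes) -> list:
    """Return the CPU architectures of a thin or universal Mach-O, [] if neither."""
    if len(data) < 8:
        return []
    if struct.unpack_from("<I", data)[0] == MH_MAGIC_64:
        cputype = struct.unpack_from("<I", data, 4)[0]
        return [CPU_NAMES.get(cputype, hex(cputype))]
    magic, nfat = struct.unpack_from(">II", data)
    # Java class files share 0xCAFEBABE; a real fat header has a small slice count.
    if magic != FAT_MAGIC or not 0 < nfat <= 16:
        return []
    arches = []
    for i in range(nfat):
        off = 8 + i * 20              # fat_arch is five big-endian uint32 fields
        if off + 20 > len(data):
            break                     # truncated header: report what was readable
        cputype = struct.unpack_from(">I", data, off)[0]
        arches.append(CPU_NAMES.get(cputype, hex(cputype)))
    return arches


def triage(data: bytes) -> dict:
    """Summarise one file pulled from a disk image for an analyst."""
    return {"arches": macho_arches(data), "go_binary": GO_BUILDINFO in data}


# Constructed samples (header bytes only, not real malware).
THIN_ARM64_GO = (struct.pack("<II", MH_MAGIC_64, 0x0100000C)
                 + b"\x00" * 24 + GO_BUILDINFO)
FAT_BOTH = (struct.pack(">II", FAT_MAGIC, 2)
            + struct.pack(">5I", 0x01000007, 3, 0x4000, 0x1000, 14)
            + struct.pack(">5I", 0x0100000C, 0, 0x8000, 0x1000, 14))

if __name__ == "__main__":
    for name, blob in [("thin", THIN_ARM64_GO), ("fat", FAT_BOTH)]:
        print(name, triage(blob))
```
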

### What It Steals and How

The malware collects a variety of sensitive information, including:

– System details
– iCloud Keychain passwords
– Web browser cookies
– Telegram account information

This data is then compressed into a ZIP archive and sent to a command-and-control (C2) server for malicious use. The C2 server infrastructure has a history of being exploited to distribute various forms of malware. A notable example is the SolarWinds 2020 cyberattack, which severely compromised a tech company’s software supply chain.

### Motive and Current Status

Cthulhu Stealer primarily aims to steal credentials and information from cryptocurrency wallets, thus capitalizing on the increasing value of digital assets. Reports suggest that the developers behind Cthulhu Stealer have ceased their activities, possibly due to internal conflicts and accusations of fraudulent behavior, ultimately resulting in their ban from the cybercrime community.

### Protective Measures

To safeguard against such threats, users are advised to:

– Download software exclusively from reliable sources.
– Avoid installing unverified applications.
– Regularly update their systems with the latest security patches.

Apple has also announced plans to introduce additional security measures in the forthcoming macOS Sequoia release to make it harder for users to bypass Gatekeeper protections.

By taking these precautions, users can significantly reduce the risk of falling victim to malware like Cthulhu Stealer.