Skip to main content
  1. Home
  2. Computing
  3. News

A new malware threat to macOS adds to the data-stealing surge

By
Mac password prompt.
Cado Security

If you still think Macs are inherently safe from malware, think again.

Mac users have another threat to worry about. Cthulhu Stealer, a new Mac malware threat, tries to steal sensitive data such as passwords and cryptocurrency wallets, Cado Security reports in a blog post. The malware threat disguises itself as authentic software to gather login credentials.

Recommended Videos

Cado Security describes how the malware functions: “Cthulhu Stealer is an Apple disk image (.dmg) that is bundled with two binaries, depending on the architecture. The malware is written in Golang and disguises itself as legitimate software. Once the user mounts the .dmg, the user is prompted to open the software. After opening the file, osascript, the macOS command-line tool for running AppleScript and JavaScript, is used to prompt the user for their password. ”

After this, users will see a second prompt to enter their MetaMask password. Cuckoo, Atomic Stealer, and Banshee Stealer also use this technique. However, the latest malware threat aims to gather system data and get rid of users’ iCloud Keychain passwords via a software named Chainbreaker.

Users must be cautious, as the new malware can masquerade as software apps such as AdobeGenP, CleanMyMac, and Grand Theft Auto IV by leveraging Apple disk images (DMG). You can use the AdobeGenP app without entering a serial key or paying for a Creative Cloud subscription.

Cthulhu Stealer takes data, including Telegram account information and web browser cookies, puts it into a ZIP archive file, and sends it to a command-and-control (C2) server — in other words, to the attackers. It also shares similarities with Atomic Stealer, having the same spelling mistakes and other functions and features, which indicates the developer used the same code and made some modifications.

Users can take precautions to stay safe, such as only downloading software from trustworthy sources and keeping their Macs running on the latest version. Downloading some legitimate Mac antivirius software isn’t a bad idea, either.

Apple is aware of the rise in Mac malware and has made essential security changes, saying, “In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn’t signed correctly or notarized.” You’ll need to go to System Settings > Privacy & Security to analyze the security information for the software before you use it.

Editors’ Recommendations

Topics
Judy Sanhz
Judy Sanhz
Computing Writer
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
I’ve been using the first macOS Sequoia public beta. Here’s my take on it so far
The iPhone Mirroring feature from macOS Sequoia being demonstrated at the Worldwide Developers Conference (WWDC) 2024.

Apple today launched the macOS Sequoia public beta, opening the doors to app developers, bug hunters, and curious users alike. With the full release not expected until much later this year, it’s a good opportunity to get a sneak peek at what Apple has in store for us.

Or at least, a sneak peek at most of what’s planned. Despite being packed with features, macOS Sequoia is missing the headline-grabbing Apple Intelligence feature, at least for the time being. Without that, is it still worth downloading and installing the public beta?

Read more
The macOS Sequoia public beta just launched. Here’s how to download it
Apple's Craig Federighi introducing the new window tiling feature in macOS Sequoia at the Worldwide Developers Conference (WWDC) 2024.

The public beta for macOS Sequoia is here, and that means anyone with a compatible device can install it and try it out -- no paid developer memberships needed. Here's how to get it.

First of all, you'll need a PC that can run macOS Sequoia. This is the list of compatible models:

Read more
The ChatGPT app has changed how I use my Mac in three key ways
The Option+Space shortcut of the macOS ChatGPT app.

After a long wait, OpenAI has launched the ChatGPT app on macOS for everyone to use. I’ve been playing around with it to see how it works and what it’s good at, and I’ve come away pretty impressed so far. It’s got all the power of ChatGPT in a handy desktop package. Better yet, you don’t need to pay to use it, as there’s no cost to download it, and it works with a free OpenAI account (free accounts do have limits placed on their usage, though, as they do on the web).

After seeing what I can get out of it, I’ve found there are three things I really love about the new ChatGPT Mac app. From the way it launches to its impressive capabilities, I think you’ll enjoy these aspects of the app as well.
It launches with a clever shortcut

Read more