MacOS users installing crypto price monitoring app fell victim to trojan, researcher finds.
Confirmed in a blog post by the cybersecurity software developer, community member 1vladimir reported suspicious behavior by an app called CoinTicker over the weekend.
The app purports to let users track cryptocurrency prices from within the Mac toolbar, which update automatically.
“Although this functionality seems to be legitimate, the app is actually up to no good in the background, unbeknownst to the user,” Malwarebytes’ blog post explains, adding:
“Without any signs of trouble, such as requests for authentication to root, there’s nothing to suggest to the user that anything is wrong.”
Upon further inspection, it became clear CoinTicker contained script that would download two backdoors onto the host machine, allowing a remote party to take control of it.
The Github repository from which the CoinTicker malware downloaded the backdoors has since been deleted, tech magazine Bleeping Computer meanwhile notes.
In its own analysis, the publication suggests the app could well have purely been developed to distribute the trojan.
While it is unknown how many machines the malware has infected in the few days since its discovery, the episode is a further reminder of the voracity of attackers targeting cryptocurrency investors.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.