Malware that steals from Crypto Wallets of Mac Users


PaloAlto Networks recently discovered a Malware that steals from crypto wallets . This Malware targets Mac users to steal contents of their cryptocurrency wallets. It generally steals the Browser’s cookies associated with the Credentials of the cryptocurrency wallet.

The malware is named “cookieminer” because of its ability to steal Browser cookies associated with the Cryptocurrency wallet services.


This Malware targets :

  • Google Chrome and Apple Safari browser’s cookies associated with cryptocurrency exchange and wallet service websites.
  • Usernames, passwords and Credit card information saved in Chrome web browser.
  • Cryptocurrency wallet data and keys.
  • iPhone’s text messages of victims stored in iTunes backups.

It is currently unknown how this Malware gains unauthorized access to systems , But once it gets into the system, the malware scans cookies to check if they are linked with any cryptocurrency service website.

Some target sites that this malware scans for are Binance, Coinbase, Poloniex, Bittrex, Bitstamp and MyEtherWallet. This malware then uses a simple shell script operation to steal browser cookies, then uploads them to a remote server.

Attackers can now simply impersonate the victim and login into their accounts without any suspicion.

Once the hacker login to the victim’s account then the hacker have the same privileges as the original user did although users can prevent this from happening by securing their accounts with good security mechanisms.

This malware not just steals cookies but also plants a Cryptojacker into the Compromised OSX machines, enabling Hackers to secretly mine digital currency using the compromised computer’s resources. This malware mines privacy-focused cryptocurrency called koto, used in Japan.

The CookieMiner also plants a script for persistence and remote control of the compromised machine after sending the cookie files to the remote server , Allowing themselves to completely own the target computer for further attacks. Although this all currently appears to be related to mining.

How to be safe?

Cryptocurrency owners should keep an eye on their security settings and digital assets to prevent compromise and leakage.

Leave a Reply

Your email address will not be published. Required fields are marked *

Single Column Posts

Single Column Posts Subtitle

South America bucks up in the Crypto and Blockchain field

The Central Bank of Brazil (BCB) has recently announced the launch of its second edition of the Laboratory of Financial...

Blockchain is supposedly Bigger than The Gutenberg Press And The Internet

The CEO of Overstock, Mr. Patrick Byrne has been a well-known and extremely knowledgeable crypto enthusiast, who has well in...

Blockchain ETF Launches on the London Stock Exchange

Investment management firm Invesco has launched a blockchain exchange-traded fund (ETF) on the London Stock Exchange last week. Invesco has...

Paxos is all about to be showered in gold

The blockchain firm, Paxos will be launching its digital token which will be backed by the precious metal, gold. During an...

Regulators Are Calling 2019 the “Year of the Blockchain”

Regulators have eased regulations regarding blockchain technology as most of them feel that it might harm the development of the...