Malware that steals from Crypto Wallets of Mac Users


PaloAlto Networks recently discovered a Malware that steals from crypto wallets . This Malware targets Mac users to steal contents of their cryptocurrency wallets. It generally steals the Browser’s cookies associated with the Credentials of the cryptocurrency wallet.

The malware is named “cookieminer” because of its ability to steal Browser cookies associated with the Cryptocurrency wallet services.


This Malware targets :

  • Google Chrome and Apple Safari browser’s cookies associated with cryptocurrency exchange and wallet service websites.
  • Usernames, passwords and Credit card information saved in Chrome web browser.
  • Cryptocurrency wallet data and keys.
  • iPhone’s text messages of victims stored in iTunes backups.

It is currently unknown how this Malware gains unauthorized access to systems , But once it gets into the system, the malware scans cookies to check if they are linked with any cryptocurrency service website.

Some target sites that this malware scans for are Binance, Coinbase, Poloniex, Bittrex, Bitstamp and MyEtherWallet. This malware then uses a simple shell script operation to steal browser cookies, then uploads them to a remote server.

Attackers can now simply impersonate the victim and login into their accounts without any suspicion.

Once the hacker login to the victim’s account then the hacker have the same privileges as the original user did although users can prevent this from happening by securing their accounts with good security mechanisms.

This malware not just steals cookies but also plants a Cryptojacker into the Compromised OSX machines, enabling Hackers to secretly mine digital currency using the compromised computer’s resources. This malware mines privacy-focused cryptocurrency called koto, used in Japan.

The CookieMiner also plants a script for persistence and remote control of the compromised machine after sending the cookie files to the remote server , Allowing themselves to completely own the target computer for further attacks. Although this all currently appears to be related to mining.

How to be safe?

Cryptocurrency owners should keep an eye on their security settings and digital assets to prevent compromise and leakage.

Leave a Reply

Your email address will not be published. Required fields are marked *

Single Column Posts

Single Column Posts Subtitle

A brief insight into North America Crypto Round-Up

The United States: JP Morgan has recently Launched a New Crypto asset. JP Morgan has been rated as one of...

QuadrigaCX Accidentally Transferred $500K in BTC to Forbidden Cold Wallets

According to a report published by Ernst and Young on 12th February ’19, one of the major crypto exchanges of Canada,...

Everipedia to Verify Sources through Blockchain-based Geospatial Software

Everipedia is a crypto-based information doorway which was branched from Wikipedia in the year 2017. Everipedia has now decided to...

Airbus detected Data Breach issues

Recently, Airbus reported a data breach. In addition, Airbus is the world's second-largest aircraft manufacturer giant. Airbus manufactures, designs and...

Collaboration between Litecoins and Beam to create a more private system

A bitcoin transaction often discloses the information about the sender’s address, amount sent and receiver’s address, this lead to the...