Apple users who are generally accustomed to ignoring malware alerts that typically affect more open platforms should take note: there is a verified macOS exploit targeting the latest version of the operating system that can trick Bitcoin and Exodus wallet users into downloading a fake, malicious version of their software, cybersecurity company Kaspersky said.
Clean Living Helps: Kaspersky said the newly discovered malware is distributed through pirated applications, and unlike other proxy Trojans or programs that aim to take control of a remote computer, this malware focuses on hacking wallet applications.
“The crypto-Trojan is unique in two ways: first, it uses DNS records to deliver its malicious Python script,” Kaspersky said. “Secondly, it is not just crypto wallets being stolen; it replaces the wallet application with its infected version. This allows it to steal the secret phrase used to access the cryptocurrency stored in the wallets.”
According to Kaspersky, the malware targets macOS versions 13.6 and later, whether running on Intel or Apple Silicon devices.
“The creators show extraordinary creativity by hiding the Python script in the DNS server log, which increases the level of malware stealth in network traffic,” Sergey Buzan, a security researcher at Kaspersky, said in the report. “Users should be more careful, especially regarding their cryptocurrency wallets. Avoid downloading from suspicious sites and use reliable cybersecurity solutions for better protection.”
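The quotes above say the script is delivered in DNS records, so resolver logs are one place a defender can look for it. The following is an added example, not code from Kaspersky's report or the original article; it assumes TXT records, a Base64-encoded payload and a tab-separated log format, none of which the article specifies, and all log lines and names are constructed.

```python
import base64
import binascii
import re

B64_RE = re.compile(r"[A-Za-z0-9+/]+={0,2}")
MIN_LEN = 100  # assumed threshold; tune against your own resolver baseline

def build_sample_log():
    """Constructed resolver log: time, client, qname, qtype, answer (tab-separated)."""
    blob = base64.b64encode(bytes(range(180))).decode()  # stand-in for an encoded payload
    dkim = "v=DKIM1; k=rsa; p=" + base64.b64encode(bytes(120)).decode()
    rows = [
        ("2024-01-22T10:00:01Z", "10.0.0.5", "example.com", "TXT",
         "v=spf1 include:_spf.example.com ~all"),
        ("2024-01-22T10:00:02Z", "10.0.0.5", "example.org", "A", "192.0.2.10"),
        ("2024-01-22T10:00:03Z", "10.0.0.7", "payload.test.invalid", "TXT", blob),
        ("2024-01-22T10:00:04Z", "10.0.0.5", "sel._domainkey.example.com", "TXT", dkim),
    ]
    return "\n".join("\t".join(r) for r in rows)

def find_encoded_txt(log_text, min_len=MIN_LEN):
    """Return TXT answers that are one long, valid Base64 blob and nothing else."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split("\t")
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, client, qname, qtype, answer = parts
        if qtype != "TXT":
            continue
        # Join multi-string TXT answers ("abc" "def") into one value.
        data = answer.replace('" "', "").strip('"')
        # SPF, DMARC and DKIM carry key=value syntax, so they fail the full match.
        if len(data) < min_len or not B64_RE.fullmatch(data):
            continue
        try:
            decoded = base64.b64decode(data, validate=True)
        except (binascii.Error, ValueError):
            continue
        findings.append({"time": ts, "client": client, "qname": qname,
                         "decoded_len": len(decoded)})
    return findings

if __name__ == "__main__":
    for finding in find_encoded_txt(build_sample_log()):
        print(finding)
```

A hit is a lead for triage rather than a verdict: some legitimate services publish long tokens in TXT records, so correlate the querying client with recently installed software before acting.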
Malware targeting cryptocurrency wallets is nothing new. Since November, more than $4 million has been stolen through fake airdrops and scams on the Solana network. In a separate report in June, security firm Elliptic Connect reported that hackers linked to North Korea's Lazarus Group stole more than $35 million from Atomic Wallet users, taking multiple cryptocurrencies, including USDT, XRP, Cardano, and Dogecoin.
Although a Kaspersky spokesman told Decryption that the company did not contact Apple and Exodus, Kaspersky's report alarmed Exodus Wallet CEO JP Richardson, who noted that popular wallets like Exodus, Coinbase, and MetaMask have been targets of hackers in the past.
“At Exodus, we are deeply committed to protecting our customers,” Richardson told Decryption. “Our approach includes comprehensive code audits by our engineers to identify and mitigate any potential threats,” he said, adding that the process includes internal and external reviews to ensure the highest level of scrutiny.
Richardson said that while Exodus prioritizes customer security, the company recommends using a hardware wallet as an additional layer of security.
“It's really alarming how social engineering malware attacks affect people, especially in terms of financial loss,” he said.
For users looking to protect their digital investments, Kaspersky recommends updating their computer's operating system, installing anti-malware software, and only downloading apps from official stores like the Apple App Store.
“Applications from these markets are not 100% safe, but at least they are checked by store representatives, and there are some filtering systems – not every application can enter these stores,” Kaspersky said.
These precautions, and the additional security hardware wallets provide, are not a panacea against theft. In November, blockchain analyst ZachXBT reported that 16.8 bitcoins, about $587,238 at the time, were stolen after a user downloaded a fake Ledger cryptocurrency wallet management app from the Microsoft App Store.
Edited by Ryan Ozawa.