New Malware “Cthulhu Stealer” Poses Major Threat to Mac Users’ Crypto Wallets
(Originally posted on: Crypto News – iGaming.org)
“Cthulhu Stealer,” a new and hazardous type of malware, has surfaced that targets users of Apple Mac computers and their bitcoin wallets. It is especially concerning because it can access many cryptocurrency wallets and steal confidential personal information. The malware is hard to identify because it is distributed as Apple disk image (DMG) files and poses as trusted programs such as CleanMyMac or Adobe GenP.
Once users download and open these DMG files, they are prompted to enter their system password. After entering the password, they are then asked to provide passwords for their cryptocurrency wallets, including popular ones like MetaMask, Coinbase, and Binance. Cthulhu Stealer records this information, storing it in text files, and collects additional data about the victim’s system, such as the IP address and operating system version. This data can then be used to compromise the user’s cryptocurrency holdings and personal information.
Rising Malware Threats on macOS
On August 22, Cado Security, a prominent cybersecurity firm, highlighted the growing threat posed by Cthulhu Stealer. Although macOS has traditionally been seen as a secure operating system, recent years have seen a rise in malware specifically designed to target it. The new malware closely resembles “Atomic Stealer,” a similar threat identified in 2023, suggesting that Cthulhu Stealer’s developers may have repurposed existing code to create this new variant.
In response to these increasing threats, Apple has taken steps to bolster macOS security. The tech giant recently released an update aimed at strengthening Gatekeeper protections, which are designed to prevent unauthorized applications from running on the system. This update is part of Apple’s ongoing efforts to address the rising risk of malware targeting Mac users, especially in light of recent attacks like AMOS, which could clone the Ledger Live software.