Cryptocurrency Scam Alert: Mac Exchange Users Targeted
Reports by a cyber security firm claim to have identified a piece of malware designed to beat the two-factor authentication commonly used to help protect various online accounts. The software steals credentials, including browser cookies, to allow access to cryptocurrency exchange accounts. CookieMiner, as the malware is known, targets exclusively Mac users owing to the cross-device functionality of Apple’s products.
In addition to stealing login details and creatively subverting security precautions, the CookieMiner malware also uses the victim’s machine to covertly mine an obscure digital asset called Koto.
Mac Users Beware: CookieMiner Malware Puts Cryptocurrency Traders at Risk
According to research conducted by Palo Alto Networks, a new piece of malware is targeting Mac users. The cyber security firm have nicknamed the attack “CookieMiner”. This is because the software steals cookies from a victim’s infected machine, along with covertly mining cryptocurrency to enrich those behind the scam – known as cryptojacking.
Since cryptocurrency exchanges use multiple layers of security precautions, a series of different steps are taken to gain access to accounts:
Crypto Market Remains Strong: Bitcoin Cash, BNB, EOS, TRX Price Analysis
Saturday May 25, 2019
The total crypto market cap grinded higher and tested the $245.0B resistance area. Bitcoin price is currently consolidating near the $8,000 level. EOS price broke the $6.30 resistance and it is currently moving towards...
The post Crypto Market Remains Strong: Bitcoin Cash, BNB, EOS, TRX Price Analysis appeared first on 12bitplay - Bitcoin Play.
Google Chrome and Apple Safari cookies are stolen.
Saved usernames and credit card information from Chrome are stolen.
Text messages backed up to Mac are stolen from victims’ iPhone.
Browser cookies are stolen to defeat login anomaly detection.
Engineering Giant Bosch Trials Ethereum Tech as ETH Retraces 5%
Thursday May 23, 2019
Ethereum (ETH) down 4.8 percent and hanging Bosch, Samsung, and Amazon see potential in Ethereum Vitalik zeroed in on Augur and Kleros as two projects that would eliminate human verification, as Bosch said they...
The post Engineering Giant Bosch Trials Ethereum Tech as ETH Retraces 5% appeared first on 12bitplay - Bitcoin Play.
CookieMiner’s primary purpose is to gain access to Mac users’ accounts at popular digital currency exchanges. However, since exchanges make use of heightened security procedures when users login, their credentials alone are not usually enough to compromise an account. That is why CookieMiner also attempts to trick the exchanges’ automated account protection procedures by also stealing browser cookies. These are used to ensure that the device used to sign in is not flagged as suspicious, even though the account’s owner will never have used that device before.
Cyber criminals are getting increasingly creative when it comes to stealing cryptocurrency.
With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. This gives them full access to any cryptocurrency the victim has stored at the compromised exchange account.
CookieMiner Also Mines Cryptocurrency on Behalf of its Victims
Since the malware provides no guarantees of revenue for those behind it, CookieMiner also installs mining software on the infected machine. Palo Alto Networks claim that the program is made to look like a piece of Monero-mining software. However, instead of mining the most frequently cryptojacked asset, it sets Mac users’ machine mining Koto, another privacy-focused cryptocurrency associated with Japan that can be mined using just a CPU.
Of course, this is hardly the first example of cryptojacking NewsBTC has reported on. Previous example have included efforts by North Korean hackers to earn revenue outside of typical international trade, which the rogue nation is largely excluded from. There is, however, no evidence as of yet to suggest that the CookieMiner attack is related to these past examples.
Related Reading: Security Firm Avast Demonstrates Cryptojacking Risks to Smartphones and IoT Devices
Featured Images from Shutterstock.
The post Cryptocurrency Scam Alert: Mac Exchange Users Targeted appeared first on NewsBTC.
Coinbase’s Weekly Ethereum (ETH) Volume Up 28% Could Be A Bullish Hint
Tuesday May 21, 2019
Ethereum (ETH) up 28.1 percent Trading volumes surge ahead of Istanbul hard fork and Serenity Serenity is supportive of prices. So far, Ethereum (ETH) is up 28.1 percent. Even so, there is room for...
The post Coinbase’s Weekly Ethereum (ETH) Volume Up 28% Could Be A Bullish Hint appeared first on 12bitplay - Bitcoin Play.