Cryptocurrency Scam Alert: Mac Exchange Users Targeted
Reports by a cyber security firm claim to have identified a piece of malware designed to beat the two-factor authentication commonly used to help protect various online accounts. The software steals credentials, including browser cookies, to allow access to cryptocurrency exchange accounts. CookieMiner, as the malware is known, targets exclusively Mac users owing to the cross-device functionality of Apple’s products.
In addition to stealing login details and creatively subverting security precautions, the CookieMiner malware also uses the victim’s machine to covertly mine an obscure digital asset called Koto.
Mac Users Beware: CookieMiner Malware Puts Cryptocurrency Traders at Risk
According to research conducted by Palo Alto Networks, a new piece of malware is targeting Mac users. The cyber security firm have nicknamed the attack “CookieMiner”. This is because the software steals cookies from a victim’s infected machine, along with covertly mining cryptocurrency to enrich those behind the scam – known as cryptojacking.
Since cryptocurrency exchanges use multiple layers of security precautions, a series of different steps are taken to gain access to accounts:
Ethereum Price (ETH) At Potentially Major Turning Point
Friday August 23, 2019
ETH price started a decent recovery after it tested the $180 support area against the US Dollar. The price is currently struggling to break a major resistance area near the $195 level. There is...
The post Ethereum Price (ETH) At Potentially Major Turning Point appeared first on 12bitplay - Bitcoin Play.
Google Chrome and Apple Safari cookies are stolen.
Saved usernames and credit card information from Chrome are stolen.
Text messages backed up to Mac are stolen from victims’ iPhone.
Browser cookies are stolen to defeat login anomaly detection.
Bullish for Bitcoin Price: Wall Street’s Ex-Central Bankers Advocate For “Free Money”
Monday August 19, 2019
The past few months have been an absolute whirlwind for Bitcoin and other crypto assets. Ever since the start of 2019, the cryptocurrency class has outperformed, outpacing every single other notable asset class currently...
The post Bullish for Bitcoin Price: Wall Street’s Ex-Central Bankers Advocate For “Free Money” appeared first on 12bitplay - Bitcoin Play.
CookieMiner’s primary purpose is to gain access to Mac users’ accounts at popular digital currency exchanges. However, since exchanges make use of heightened security procedures when users login, their credentials alone are not usually enough to compromise an account. That is why CookieMiner also attempts to trick the exchanges’ automated account protection procedures by also stealing browser cookies. These are used to ensure that the device used to sign in is not flagged as suspicious, even though the account’s owner will never have used that device before.
Cyber criminals are getting increasingly creative when it comes to stealing cryptocurrency.
With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. This gives them full access to any cryptocurrency the victim has stored at the compromised exchange account.
CookieMiner Also Mines Cryptocurrency on Behalf of its Victims
Since the malware provides no guarantees of revenue for those behind it, CookieMiner also installs mining software on the infected machine. Palo Alto Networks claim that the program is made to look like a piece of Monero-mining software. However, instead of mining the most frequently cryptojacked asset, it sets Mac users’ machine mining Koto, another privacy-focused cryptocurrency associated with Japan that can be mined using just a CPU.
Of course, this is hardly the first example of cryptojacking NewsBTC has reported on. Previous example have included efforts by North Korean hackers to earn revenue outside of typical international trade, which the rogue nation is largely excluded from. There is, however, no evidence as of yet to suggest that the CookieMiner attack is related to these past examples.
Related Reading: Security Firm Avast Demonstrates Cryptojacking Risks to Smartphones and IoT Devices
Featured Images from Shutterstock.
The post Cryptocurrency Scam Alert: Mac Exchange Users Targeted appeared first on NewsBTC.
Winklevii Twins on Bitcoin: “We Couldn’t Miss Out on this Future”
Thursday August 22, 2019
Despite owning more Bitcoin that most of us could possible imagine, the story of how the joint owners of the Gemini cryptocurrency trading platform first got into the digital asset space is all too...
The post Winklevii Twins on Bitcoin: “We Couldn’t Miss Out on this Future” appeared first on 12bitplay - Bitcoin Play.