Cryptocurrency Scam Alert: Mac Exchange Users Targeted
Reports by a cyber security firm claim to have identified a piece of malware designed to beat the two-factor authentication commonly used to help protect various online accounts. The software steals credentials, including browser cookies, to allow access to cryptocurrency exchange accounts. CookieMiner, as the malware is known, targets exclusively Mac users owing to the cross-device functionality of Apple’s products.
In addition to stealing login details and creatively subverting security precautions, the CookieMiner malware also uses the victim’s machine to covertly mine an obscure digital asset called Koto.
Mac Users Beware: CookieMiner Malware Puts Cryptocurrency Traders at Risk
According to research conducted by Palo Alto Networks, a new piece of malware is targeting Mac users. The cyber security firm have nicknamed the attack “CookieMiner”. This is because the software steals cookies from a victim’s infected machine, along with covertly mining cryptocurrency to enrich those behind the scam – known as cryptojacking.
Since cryptocurrency exchanges use multiple layers of security precautions, a series of different steps are taken to gain access to accounts:
The Knives are Out on Crypto Twitter as Bitcoin OG Turns into Altcoin Shill
Monday February 24, 2020
One of the earliest Bitcoin proponents is facing criticism for publicly endorsing an alternative crypto asset. Trace Mayer, who recommended people buy Bitcoin back in 2010, appeared on a recent YouTube interview talking very...
The post The Knives are Out on Crypto Twitter as Bitcoin OG Turns into Altcoin Shill appeared first on 12bitplay - Bitcoin Play.
Google Chrome and Apple Safari cookies are stolen.
Saved usernames and credit card information from Chrome are stolen.
Text messages backed up to Mac are stolen from victims’ iPhone.
Browser cookies are stolen to defeat login anomaly detection.
XRP Positioned to See Major Downside Because of These Simple Factors
Saturday February 22, 2020
XRP’s recent price action has been lackluster to say the least, with its notable surge up to highs of $0.35 being met with significant resistance which, coupled with the bearishness seen across the aggregated...
The post XRP Positioned to See Major Downside Because of These Simple Factors appeared first on 12bitplay - Bitcoin Play.
CookieMiner’s primary purpose is to gain access to Mac users’ accounts at popular digital currency exchanges. However, since exchanges make use of heightened security procedures when users login, their credentials alone are not usually enough to compromise an account. That is why CookieMiner also attempts to trick the exchanges’ automated account protection procedures by also stealing browser cookies. These are used to ensure that the device used to sign in is not flagged as suspicious, even though the account’s owner will never have used that device before.
Cyber criminals are getting increasingly creative when it comes to stealing cryptocurrency.
With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. This gives them full access to any cryptocurrency the victim has stored at the compromised exchange account.
CookieMiner Also Mines Cryptocurrency on Behalf of its Victims
Since the malware provides no guarantees of revenue for those behind it, CookieMiner also installs mining software on the infected machine. Palo Alto Networks claim that the program is made to look like a piece of Monero-mining software. However, instead of mining the most frequently cryptojacked asset, it sets Mac users’ machine mining Koto, another privacy-focused cryptocurrency associated with Japan that can be mined using just a CPU.
Of course, this is hardly the first example of cryptojacking NewsBTC has reported on. Previous example have included efforts by North Korean hackers to earn revenue outside of typical international trade, which the rogue nation is largely excluded from. There is, however, no evidence as of yet to suggest that the CookieMiner attack is related to these past examples.
Related Reading: Security Firm Avast Demonstrates Cryptojacking Risks to Smartphones and IoT Devices
Featured Images from Shutterstock.
The post Cryptocurrency Scam Alert: Mac Exchange Users Targeted appeared first on NewsBTC.
Ethereum Nosedives 10%, Here Are Important Supports The Bulls Must Watch
Wednesday February 26, 2020
Ethereum is down close to 10% and it broke the key $255 support area against the US Dollar. ETH price might continue to slide, but the $230 and $225 levels are likely to provide...
The post Ethereum Nosedives 10%, Here Are Important Supports The Bulls Must Watch appeared first on 12bitplay - Bitcoin Play.