Security researchers have discovered new macOS malware that’s built to steal your most sensitive data. Dubbed ‘Cthulhu Stealer,’ the malware targets users by impersonating popular apps so it can harvest your system password, iCloud Keychain passwords, cryptocurrency wallets, and more.
Cthulhu Stealer has reportedly been available since late 2023 as a $500/month paid service for bad actors. It can be especially effective because of how well it disguises itself as legitimate software.
Ravie Lakshmanan writes for The Hacker News:
Some of the software programs it impersonates include CleanMyMac, Grand Theft Auto IV, and Adobe GenP, the last of which is an open-source tool that patches Adobe apps to bypass the Creative Cloud service and activates them without a serial key.
Users who end up launching the unsigned file after explicitly allowing it to be run – i.e., bypassing Gatekeeper protections – are prompted to enter their system password… In the next step, a second prompt is presented to enter their MetaMask …