• Press Releases
    • Submit a press release
    • Read All
  • Contact us
Advertise
Bitcoinist.com
Buy Neo Pepe
No Result
View All Result
🚀 BUY NEO PEPE PROTOCOL 🚀
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
        • Ethereum Casinos
        • Solana Casinos
        • LiteCoin Casinos
        • DogeCoin Casinos
        • Live Crypto Casinos
        • New Casinos
        • Instant Withdrawal Casinos
        • Cash App Casinos
        • No KYC Casinos
        • VPN Casinos
        • Offshore Casinos
          • Crypto Casinos IT
          • Crypto Casinos ES
            • All Guides
          • Crypto Casinos JP
          • Crypto Casinos SG
          • Crypto Casinos MY
          • Crypto Casinos KR
          • No GAMSTOP Casinos in UK
          • No Cruks Casinos NL
      • Crypto Betting
        • No ID sportsbooks
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
        • Aviator Sites
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Breaking News: World Liberty Financial Accuses Exchange Of Token Manipulation, Justin Sun Blacklisted
🚀 BUY NEO PEPE PROTOCOL 🚀
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
        • Ethereum Casinos
        • Solana Casinos
        • LiteCoin Casinos
        • DogeCoin Casinos
        • Live Crypto Casinos
        • New Casinos
        • Instant Withdrawal Casinos
        • Cash App Casinos
        • No KYC Casinos
        • VPN Casinos
        • Offshore Casinos
          • Crypto Casinos IT
          • Crypto Casinos ES
            • All Guides
          • Crypto Casinos JP
          • Crypto Casinos SG
          • Crypto Casinos MY
          • Crypto Casinos KR
          • No GAMSTOP Casinos in UK
          • No Cruks Casinos NL
      • Crypto Betting
        • No ID sportsbooks
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
        • Aviator Sites
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Bitcoinist.com
No Result
View All Result
Breaking News: World Liberty Financial Accuses Exchange Of Token Manipulation, Justin Sun Blacklisted
Crypto

Macbook Crypto Users Targeted By Advanced Malware Attack, Cybersecurity Firm Warns

Ronaldo Marquez
by Ronaldo Marquez
1 year ago
·
Posted in Crypto News
Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

In the rapidly growing crypto industry, the widespread adoption of cryptocurrencies has attracted not only legitimate users but also cybercriminals seeking to exploit vulnerabilities. 

Recent findings from cybersecurity firm Kaspersky shed light on a sophisticated malware attack targeting Macbook users in the crypto space. 

Harvesting Sensitive Data From Infected Mac Systems

Kaspersky Lab experts discovered that the attackers repacked pre-cracked applications as Package (PKG) files – a type of file format commonly used on Macbooks – and embedded a Trojan proxy and a post-installation script. 

The malware-laden applications were mainly distributed through pirated software channels. Once users attempted to install the cracked applications, they unknowingly triggered the infection process.

To deceive users, the infected installation package displayed a window with installation instructions, instructing them to copy the application to the /Applications/ directory and launch an application called “Activator.” 

Related Reading: Coinbase Stock Dips 5% As JPMorgan Takes Bearish Stance On Bitcoin ETFs
Crypto
Activator window and password form to target crypto users. Source: Kaspersky

Although appearing unsophisticated at first glance, Activator prompted users to enter a password, effectively granting the malware administrator privileges.

Upon execution, the malware checked the system for an installed copy of the programming language Python 3 and, if absent, installed a previously copied version of Python 3 from the Macbook operating system directory. 

The malware then ” patched” the downloaded app by comparing the modified executable with a sequence hardcoded inside Activator. If a match was found, the malware removed the initial bytes, making the application appear cracked and functional to the user. However, the true intentions of the attackers became apparent as the malware initiated its main payload. 

The infected sample established communication with a command-and-control (C2) server by generating a unique Uniform Resource Locator (URL), or web address, through a combination of hardcoded words and a random third-level domain name. 

This method allowed the malware to conceal its activities within normal DNS server traffic, ensuring the payload download.

The decrypted script obtained from the C2 server – a remote server or infrastructure used by cybercriminals to control and manage their malware or botnet operations – revealed that the malware operated by executing arbitrary commands received from the server. These commands were often delivered as Base64-encoded Python scripts.

Furthermore, the malware harvested sensitive information from the infected system, including the operating system version, user directories, list of installed applications, CPU type, and external IP address. The gathered data was then sent back to the server.

Malware Campaign Targets Crypto Wallet Applications

While analyzing the malware campaign, Kaspersky observed that the C2 server did not return any commands during their investigation and eventually stopped responding. 

However, subsequent attempts to download the third-stage Python script led to the discovery of updates in the script’s metadata, indicating ongoing development and adaptation by the malware operators.

Additionally, the malware contained functions specifically targeting popular crypto wallet applications, such as Exodus and Bitcoin-Qt. 

If these applications were detected on the infected system, the malware attempted to replace them with infected versions obtained from a different host, apple-analyzer [.]com. 

These infected crypto wallets included mechanisms to steal wallet unlock passwords and secret recovery phrases from unsuspecting users.

Related Reading: 200,000 Bitcoin Poised For Release, Mt. Gox Confirms Repayments

The cybersecurity firm emphasized that malicious actors continue to distribute cracked applications to gain access to users’ computers. 

By exploiting user trust during software installation, attackers can easily escalate their privileges by prompting users to enter their passwords. Kaspersky also highlighted the techniques employed by the malware campaign, such as storing the Python script inside a domain TXT record on a DNS server, demonstrating the “ingenuity” of the attackers.

Crypto
The total crypto market cap dropped below $1.5 trillion on the daily chart. Source: TOTAL on TradingView.com

Featured image from Shutterstock, chart from TradingView.com

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
ShareTweetShareShare

Sign Up for Our Newsletter!

For updates and exclusive offers enter your email.

I consent to my submitted data being collected and stored.
Ronaldo Marquez

Ronaldo Marquez

Follow

Ronaldo is a seasoned crypto enthusiast with over four years of experience in the field. He is passionate about exploring the vast and dynamic world of decentralized finance (DeFi) and its practical applications for achieving economic sovereignty. Ronaldo is constantly seeking to expand his knowledge and expertise in the DeFi space, as he believes it holds tremendous potential for transforming the traditional financial landscape.

Full Profile

Related Posts

Crypto

SEC’s Push For Crypto Clarity: New Rules On The Horizon To Address Industry Challenges

1 hour ago
WLFI

FOMO Ends In Pain: WLFI Whales Suffer Millions In Loses On Price Collapse

2 hours ago
trump ethereum eth ethusd (1)

Trump’s Bet Pays Off as Family Crypto Fortune Soars Past $5B

3 hours ago
BingX Launches WLFI Listing Carnival with 900K Token Reward Bonanza

BingX Launches WLFI Listing Carnival with 900K Token Reward Bonanza

15 hours ago
MemeCore Explodes 244% In Weekly Gains, Sparks Hunt for Next 1000x Altcoins

MemeCore Explodes 244% In Weekly Gains, Sparks Hunt for Next 1000x Altcoins

1 hour ago
$HYPER Predicted to Jump 2390% Viral Presale Nears $14M

$HYPER Predicted to Jump 2390% Viral Presale Nears $14M

18 hours ago

Premium Sponsors

Press Releases

  • miner

    Is Bitcoin Investment Still Profitable? Use BTC Cloud...

    42 seconds ago
  • miner

    ADA’s path to long-term success: Integrating with...

    12 hours ago
  • Bitget and Bitget Wallet Support Trading of Over 100...

    14 hours ago
  • miner

    XRP Price From a High of $3.65 to a Low of $2.72: How GMO...

    17 hours ago
  • miner

    7 Trending Crypto Mining Apps This Year That Give Free...

    19 hours ago

Bitcoin news portal providing breaking news, guides, price analysis about decentralized digital money & blockchain technology.

Buy Neo Pepe

Bitcoin

  • News
  • Price
  • Businesses
  • Acceptance
  • Technology
  • Investment
  • Regulation
  • Reviews

Altcoins

  • News
  • Price
  • Ethereum
  • Ripple
  • Litecoin
  • EOS

Categories

  • Blockchain
  • Security
  • FinTech
  • Technology
  • Trending
  • Breaking News
  • Press Releases
  • How to

About Us

  • Advertise
  • Contact us
  • Editorial Policy
  • Privacy Policy
© 2025 Bitcoinist.com. All Rights Reserved.
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
      • Crypto Betting
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Advertise

© 2025 Bitcoinist. All Rights Reserved.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy.