Hackers are using a sophisticated new malware campaign to target cryptocurrency users on macOS, Android, and Windows devices by exploiting pirated or improperly licensed software. The malware, distributed through cracked applications, replaces cryptocurrency wallets with infected versions, potentially resulting in significant financial losses for users. To protect against this threat, users are advised to avoid downloading pirated software, refrain from clicking on suspicious links or files, regularly update device software, consider storing cryptocurrency wallets on external hard drives, and install reliable antivirus software.
A new Trojan-Proxy malware is spreading among Apple macOS users through pirated software found on unauthorized websites. The malware can be used by attackers to build a proxy server network or carry out criminal activities on behalf of victims. Russian cybersecurity firm Kaspersky discovered evidence suggesting that the malware is a cross-platform threat, with artifacts found for Windows and Android. The malicious software disguises itself as legitimate multimedia, image editing, data recovery, and productivity tools, targeting users searching for pirated software. To avoid such threats, users are advised to refrain from downloading software from untrusted sources.
Cybercriminals are targeting Mac users with a new proxy trojan, disguised as popular copyrighted macOS software available on warez sites. The malware infects computers and turns them into traffic-forwarding terminals for illegal activities. Kaspersky discovered the campaign, which offers trojanized versions of image editing, video compression, data recovery, and network scanning tools. The trojan is distributed as PKG files, which can execute scripts during installation and thereby obtain dangerous permissions. The trojan disguises itself as a legitimate system process and connects to a command and control server to receive instructions. The same infrastructure also hosts proxy trojan payloads for Android and Windows, suggesting a wide-ranging attack.
Hackers are distributing pirated Windows 10 ISOs that contain clipper malware hidden in the EFI partition, which can potentially bypass malware detection. The malware replaces cryptocurrency wallet addresses on the fly with addresses under the attackers' control, redirecting payments to their accounts, which has earned them at least $19,000 worth of cryptocurrency. Users should avoid downloading pirated software, as it can be dangerous and contain persistent malware.