Hackers use pirated software to hijack Mac, Android and Windows devices
Trading in cryptocurrency? You might be sitting on a pretty penny in that digital wallet of yours. Feels great, doesn’t it? But here’s the catch with digital currency: Keeping it secure isn’t a walk in the park.
Hackers are out there, working overtime to come up with new tricks to swipe your crypto, potentially emptying your wallet in one fell swoop. Yep, for these cyber thieves, your digital cash is the ultimate prize. And the worst part? Most of the time, you won’t even realize you’ve been hit until your balance is zero.
Case in point: There’s this fresh malware out there, specifically targeting macOS, Android and Windows devices. It sneaks in through pirated software, hunting for your cryptocurrency to make it its own. Here’s how it works.
What is the new malware targeting cryptocurrency users?
The cybersecurity company Kaspersky has uncovered a sophisticated new malware campaign designed to pilfer cryptocurrency from users’ wallets. This campaign leverages pirated or improperly licensed software as a vector for infection, exploiting the common practice of seeking out “free” versions of paid software online.
These cracked applications, distributed through unauthorized websites, are embedded with a Trojan-Proxy type of malware. This malware is not limited to just macOS users, as recent findings have shown; variants targeting Android and Windows platforms have also been discovered, connecting to the same Command and Control (C&C) server. These variants, like their macOS counterparts, are concealed within cracked software, illustrating the widespread risk across different operating systems.
Once the malware is downloaded onto your device, it will immediately start checking for Bitcoin and Exodus cryptocurrency wallets. If it discovers either one (which is very unfortunate for some users who have both), the malware replaces the wallet application with an infected version that’s able to steal the cryptocurrency. For some people, this could amount to thousands of dollars. And it’s all because you unintentionally downloaded the malware to your macOS, Android or Windows device.
How does this malware get on your device?
Kaspersky reported that this new malware is coming through cracked software applications online. Cracked software has had its protection broken, which makes it easier for hackers to insert their own code into it. With this, the malware’s creator took pre-compromised versions of the pirated software (one example being xScope, a paid macOS utility) and altered a few bytes of code to get the job done.
Then, in February, security firm Jamf found another cryptocurrency-focused macOS malware circulating through a pirated version of Apple’s Final Cut Pro software.
Attackers can use this malware to gain money or perform criminal activities using your device. It is distributed as .PKG installers, which contain scripts that execute after installation, altering system files and setting up the malware to run as a system process.
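As an added example (not code from Kaspersky, Jamf or this article), the Python below reads the table of contents of a flat .pkg and reports whether the installer carries install-time scripts, without running anything. It assumes the package is a xar archive and that scripts appear as entries named Scripts, preinstall or postinstall; the sample package is constructed inline.

```python
import struct
import zlib
import xml.etree.ElementTree as ET

XAR_HEADER = struct.Struct(">4sHHQQI")  # magic, header size, version, TOC sizes, checksum alg
MAX_TOC = 16 * 1024 * 1024  # refuse to inflate an oversized table of contents
SCRIPT_NAMES = {"Scripts", "preinstall", "postinstall"}  # assumed script entry names

def toc_paths(pkg_bytes):
    """Return every path listed in the xar table of contents of a flat .pkg."""
    if len(pkg_bytes) < XAR_HEADER.size:
        raise ValueError("too short to be a xar archive")
    magic, hdr_size, _ver, toc_len, toc_raw_len, _alg = XAR_HEADER.unpack_from(pkg_bytes)
    if magic != b"xar!":
        raise ValueError("not a xar archive")
    blob = pkg_bytes[hdr_size:hdr_size + toc_len]
    toc_xml = zlib.decompressobj().decompress(blob, MAX_TOC)
    if len(toc_xml) != toc_raw_len:
        raise ValueError("TOC length does not match the header")
    toc = ET.fromstring(toc_xml).find("toc")
    if toc is None:
        raise ValueError("archive has no <toc> element")
    paths = []
    def walk(node, prefix):
        for entry in node.findall("file"):
            path = prefix + entry.findtext("name", default="?")
            paths.append(path)
            walk(entry, path + "/")  # directories nest their children

    walk(toc, "")
    return paths

def script_entries(pkg_bytes):
    """Paths showing that the installer carries scripts to run at install time."""
    return [p for p in toc_paths(pkg_bytes) if p.rsplit("/", 1)[-1] in SCRIPT_NAMES]

def build_sample_pkg():
    """Constructed sample: a xar header plus TOC only, with no payload data."""
    toc = (b"<xar><toc>"
           b"<file id='1'><name>Distribution</name><type>file</type></file>"
           b"<file id='2'><name>Example.pkg</name><type>directory</type>"
           b"<file id='3'><name>Payload</name><type>file</type></file>"
           b"<file id='4'><name>Scripts</name><type>file</type></file>"
           b"</file></toc></xar>")
    packed = zlib.compress(toc)
    return XAR_HEADER.pack(b"xar!", XAR_HEADER.size, 1, len(packed), len(toc), 1) + packed

if __name__ == "__main__":
    print(script_entries(build_sample_pkg()))  # paths to review before installing
```

On macOS, `pkgutil --expand` unpacks the same archive so the script contents can be read before anything is installed.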
What pirated applications are being loaded with this malware?
The pirated applications are versions of software that have been modified to remove or disable features that are only available in paid versions, such as license verification. These applications are often distributed illegally and without the consent of the software creator. These are identified as being loaded with this Trojan-Proxy malware:
4K Image Compressor
4K Video Downloader Pro v4.24.3 macOS
Aiseesoft Mac Data Recovery
Aiseesoft Mac Video Converter Ultimate
Allavsoft
AnyMP4 Android Data Recovery for Mac
AweCleaner
Downie 4
FonePaw Data Recovery
INet Network Scanner
MacDroid
MacX Video Converter Pro
MouseBoost Pro
MWeb Pro
NetShred X
NetWorker Pro
Path Finder
Patternodes
Perfectly Clear Workbench
Print to PDF
Project Office X
Rocket Typist
Sketch
SponsorBlock
SystemToolkit
TransData
Vellum
VideoDuke
Wondershare UniConverter 13
SQLPro Studio
WinX HD Video Converter for Mac
Artstudio Pro
Magic Sort List
FoneLab Mac Data Retriever
Apeaksoft Video Converter Ultimate for Mac
Furthermore, the malware campaign extends beyond macOS, as shown by the fact that Android and Windows platforms are also being targeted by malware that communicates with the same command and control server. The applications or files identified for these platforms are:
Android: s276.apk, Swipis_v2.6.1[Mobile].apk
Windows: wsclient.exe
The lesson is to avoid downloading pirated software from unauthorized sources to protect yourself from such malware infections.
The deceptive ‘Activator’ app and its cryptocurrency heist
When you download one of these apps, it launches “Activator,” which prompts you to put in your device’s username and password to install and launch the software. You think you’re simply installing an app.
When this happens successfully (or, rather, unsuccessfully for you), the hacker can spy on your device, and the malware can receive commands from the hacker’s server. This is when the hacker executes their dirty work: searching for cryptocurrency wallets, replacing them and looting your dough.
Another note that Kaspersky mentioned about this particular malware is that it has been targeting users running macOS Ventura 13.6, which was just released in September. We don’t know for sure, but this seems to suggest that if you’re not running that, then you might be safe from this hack, this time.
Of course, if you also don’t have cryptocurrency, you’re probably okay, too. However, this unique type of malware that uses pirated software to get on your device is not all that new. Hackers have used this method of exploiting pirated software before, and they’ll do it again.
So, how can you keep yourself safe?
Remember, for the hacker to get the malware on your device, you have to download it. This is done by clicking on a link or a file that’s generally suspicious, but not always. In the case of this threat, hackers understand that cryptocurrency users are probably more tech-savvy than the average person, and are therefore more attuned to hacks that are out there. Because of this, hackers have to find ways to trick you into downloading the malware in the first place. So here are five things you can do to protect yourself.
1) Don’t download bootleg software: It’s not worth the risk to download bootleg software. It exposes your device to potential security threats, such as viruses and spyware. Downloading software from reputable app stores is definitely the way to go to protect your devices.
2) Don’t click on suspicious links or files: If you encounter a link that looks suspicious, misspelled or unfamiliar, avoid clicking on it. Instead, consider going directly to the company’s website by manually typing in the web address or searching for it in a trusted search engine. Typically, the first or second result that appears is legitimate.
3) Update your device with software regularly: Regularly updating your device’s software is crucial for security because it ensures that you receive the latest patches, bug fixes and security enhancements. These updates help protect your device from vulnerabilities and potential threats that could be exploited by malicious actors.
4) Consider storing your cryptocurrency wallet on an external hard drive: If you do have cryptocurrency, you can always consider storing your wallet on an external hard drive. This storage method means that it’s safe from hackers on the internet.
5) Have good antivirus software: The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you to any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Mac, Windows, Android & iOS devices.
Kurt’s key takeaways
A new day comes with new malware that’s targeting those of you who use Mac, Windows and Android devices and who have cryptocurrency wallets. It’s a scary threat that could cost you a lot of money if you’re not careful. But you can protect yourself by following the steps above, so you can enjoy your cryptocurrency without worrying about losing it to hackers.
Do you believe government regulations should play a stronger role in protecting crypto users? Let us know by writing us at Cyberguy.com/Contact
Copyright 2024 CyberGuy.com. All rights reserved.