New Malware Targets Apple Mac Computers to Steal and Mine Cryptos

A recently discovered form of malware steals browser cookies and other information on Apple Mac computers to steal cryptocurrencies.

AccessTimeIconFeb 1, 2019 at 2:30 p.m. UTC
Updated Sep 13, 2021 at 8:51 a.m. UTC

A recently discovered form of malware steals browser cookies and other information on victims' Apple Mac computers to steal cryptocurrencies.

Researchers at cybersecurity firm Palo Alto Networks published a report on Thursday, saying that the malware, dubbed “CookieMiner,” intercepts browser cookies related to cryptocurrency exchanges and wallet service providers’ websites visited by the victims.

The malicious code targets exchanges and services including Binance, Coinbase, Poloniex, Bittrex, Bitstamp and MyEtherWallet, as well as any website having "blockchain" in its domain name, the researchers found.

The malware also tries to steal credit card information from major issuers, such as Visa, Mastercard, American Express and Discover, as well as saved usernames and passwords in Chrome, iPhone text messages that are backed up to iTunes and crypto wallet keys.

If CookieMiner succeeds at stealing those details, hackers can gain full access to victims’ crypto exchange and wallet accounts to steal funds.

The researchers explained:

“CookieMiner tries to navigate past the authentication process by stealing a combination of the login credentials, text messages, and web cookies.”

MyEtherWallet founder and CEO Kosala Hemachandra told CoinDesk via email: "[MyEtherWallet] is not a cryptocurrency exchange but an interface to interact with the Ethereum blockchain. We do not use cookies so this malware ... will not affect our users as long as they do not save their passwords with Chrome."

CookieMiner has another string to its bow too – it changes a victim's system configuration to maliciously load crypto mining software. The coinminer is similar to a variant that mines monero, but instead targets a lesser-known cryptocurrency called Koto, the researchers said.

The researchers suggested that cryptocurrency users should keep "an eye on their security settings and digital assets to prevent compromise and leakage." They also noted that the malware checks if an application firewall program called Little Snitch is running on a victim’s computer. "If so, it will stop and exit," they said

Monero is by far the most popular cryptocurrency among hackers, though. Last month, a study by college researchers showed that hackers have mined nearly 5 percent of the total monero in circulation.

Deployments of crypto-mining malware are rapidly growing in number. A study from McAfee, published in December, showed that there were nearly 4 million new mining malware threats in the third quarter of 2018 alone, compared to less than 500,000 in 2017 and 2016.

Edit (09:15 UTC, Feb. 7 2019): Updated with comment from MyEtherWallet founder and CEO Kosala Hemachandra.

Apple MacBook image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.


CoinDesk - Unknown
A New Chapter of Web3: Solana Unveils Smartphone ‘Saga’; Moody’s Downgrades Coinbase

The most valuable crypto stories for Friday, June 24, 2022.

CoinDesk - Unknown
CoinDesk - Unknown
How Are Institutions and Companies Investing in Crypto?

From putting bitcoin on their balance sheets to setting up shop in the metaverse, the ways brands and institutions are investing in cryptocurrencies continues to expand.

CoinDesk - Unknown
CoinDesk - Unknown
Consensus 2022: Hollywood, Colleges, Conferences vs. Crypto

The state of crypto and economics live from Consensus 2022 in Austin, Texas.

CoinDesk - Unknown
CoinDesk - Unknown
Bitcoin se estabiliza cerca de $21K; inversores esperan evitar otra caída el fin de semana

Los analistas se cuestionan si BTC podrá mantenerse por encima del umbral de $20.000 en un clima de desconfianza entre los inversores.

CoinDesk - Unknown