New Malware 'Cthulhu Stealer' Targets MacOS Users

(RTTNews) - As reported by Hacker News, Cado Security has identified the emergence of a malware-as-a-service (MaaS) called "Cthulhu Stealer" that targets Apple's macOS users, by impersonating popular apps.

This malicious software aims to extract sensitive information from infected Macs, including saved iCloud Keychain passwords, browser data, and Telegram account details. Tara Gould, a researcher at Cado Security, notes that Cthulhu Stealer pretends to be legitimate software, imitating popular applications such as CleanMyMac, Grand Theft Auto IV, and Adobe GenP.

When users attempt to open the counterfeit application, macOS's Gatekeeper—a built-in security feature—issues a warning that the software is unsigned. However, if users ignore this alert, the malware prompts them for their system password, resembling a genuine system request. Similar tactics are employed by other Mac malware variants like Atomic Stealer, Cuckoo, MacStealer, and Banshee Stealer.

According to Gould, "The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including game accounts."

Further reports indicate that the creators of Cthulhu Stealer may have ceased operations, reportedly due to payment disputes and accusations of scamming their customers, leading to the main developer's permanent ban from a cybercrime marketplace where the malware was promoted. The rise of threats like Cthulhu Stealer highlights the critical need for vigilance in cybersecurity among macOS users. Although the Cthulhu Team may no longer operate, the risk to macOS devices persists.

To safeguard against such malware, users should adhere to the following precautions: only download software from trusted sources like the Apple App Store, activate macOS's security features including Gatekeeper, keep systems and applications updated with the latest security patches, and consider using well-regarded antivirus solutions for additional security.

By staying informed and adopting proactive strategies, macOS users can effectively minimize their vulnerability to malware and protect their systems. In the upcoming macOS Sequoia, expected in mid-September, Apple intends to restrict the easy installation of software that isn't properly signed or notarized.