When we thought that MacOS is safe from crypto malwares, a new discovery says that this is not the case. Although the malware itself only targets newer version of the operating system, but still for us crypto enthusiast, this is very dangerous. The mode of infection is that if the user downloaded a crack or fake apple software, then you will be directed to this, a bogus Activator window that asks for the administrator password.
So once you give them permission, it will execute a program and then will communicate to their C2 (command and control), to downloaded a script.
And this script check for the presence of Bitcoin Core and Exodus wallet (so far only this two wallets) in your machine. It will then sends everything to the criminals C2 server, including, seed, mnemonic phrase, your balance, password and once they got the data, they will obviously drain your wallet.
What do we learn here?
Never ever downloaded fake or pirated software. You already have a powerful machine in your hand and you have like shell out thousands of dollars already, so why not just buy original software as not to compromise your expensive MacOS.
https://securelist.com/new-macos-backdoor-crypto-stealer/111778/