The malware seeks to bypass multi-factor authentication by stealing a range of data, says Palo Alto Networks.
A new form of malware steals cookies associated with cryptocurrency exchanges, along with other data, in an attempt to hack user accounts, cybersecurity research team Palo Alto Networks reported on Jan. 31.
CookieMiner, a progression of OSX.DarthMiner, is malware that targets Mac users, stealing saved Google Chrome passwords, iPhone SMS messages and iTunes backups on tethered machines, among other data.
In stealing the cookies along with this other data, the goal of the malware is to gain access to cryptocurrency exchange accounts. According to Palo Alto, the hackers assume a combination of the stolen data would allow them to bypass the multi-layer authentication that many exchange users set up to provide additional security.
“If successful, the attackers would have full access to the victim’s exchange account and/or wallet and be able to use those funds as if they were the user themselves,” the firm summarized.
As its name suggests, the malware also installs cryptocurrency mining features.
CookieMiner is just the latest malware to seek out cryptocurrency users as its victims. As Cointelegraph has reported, multiple malicious entities have attempted to take advantage of lax security setups in order to compromise novice crypto traders.
Earlier this month, separate research claimed that around 4.5 percent of the circulating amount of altcoin Monero (XMR) had been mined using nefarious tactics.
“Cryptocurrency owners should keep an eye on their security settings and digital assets to prevent compromise and leakage,” Palo Alto concluded about CookieMiner.