Trojanized Mac cryptocurrency app collects wallets and screenshots – ZAWYA

Trojanized Mac cryptocurrency app collects wallets and screenshots – ZAWYA

trojanized mac cryptocurrency app collects wallets and screenshots eset research discovers    dubai, uae: - eset researchers have recently discovered websites distributing trojanized cryptocurrency trading applications for mac computers. these were legitimate apps wrapped with gmera malware, whose operators used them to steal information, such as browser cookies, cryptocurrency wallets and screen captures. in this campaign, the legitimate kattana trading application was rebranded - including setting up copycat websites - and the malware was bundled into its installer. eset researchers saw four names used for the trojanized app in this campaign: cointrazer, cupatrade, licatrade and trezarus."as in previous campaigns, the malware reports to a command & control server over http and connects remote terminal sessions to another c&c server using a hardcoded ip address,“ says eset researcher marc-etienne m.léveillé, who led the investigation into gmera.eset researchers have not yet been able to find exactly where these trojanized applications are promoted. however, in march 2020, legitimate kattana site posted a warning suggesting that victims are approached individually to lure them to download a trojanized app, thus pointing to social engineering. copycat websites are set up to make the bogus application download look legitimate. the download button on the bogus sites is