A recent report by a cybersecurity team, Palo Alto Networks, claims that hackers have developed a new form of malware that targets cookies on crypto exchanges and other sensitive data, which is substantial to hack into crypto user’s accounts. Nicknamed “CookieMiner”, the new malware developed from existing OSX.DarthMiner, targets Mac users.
The aim of this malware is quite simple – steal saved passwords on websites visited through Google’s Chrome and Apple’s Safari, data synced to cloud through iPhone and most unfortunately for cryptocurrency users, access keys to their wallets and thus, their funds.
A cookie is something that tracks your website activity. Each cookie acts as an authentication for a user. The number of times you visit that website, the cookie stored with the website provides your login request.
The unique nature of the cookie is what the new malware intends to exploit.
Palo Alto have suggested that hackers would potentially need access to just a tiny bit of a user’s data to assume control of their accounts with CookieMiner.
To state it simply:
“If successful, the attackers would have full access to the victim’s exchange account and/or wallet and be able to use those funds as if they were the user themselves.”
Another unique feature of the malware is that it installs some sort of cryptocurrency mining application on the user’s device.
This report adds to the long list of growing hacking schemes, some of which have come to light while some still remain unknown.
Palo Alto summarized their thoughts on the malware by stating:
“Cryptocurrency owners should keep an eye on their security settings and digital assets to prevent compromise and leakage.”