Trading Cryptocurrency from Your Mac? A Malware Caution Notice

Cryptocurrency has been around for over a decade, released as open-source software back in 2009. Upon its release, it started to catch attention, especially among those concerned about making online purchases. Nowadays, it’s a strong currency that increases in value year after year. There are even rumors that this “cyber” money might replace traditional currency, though that could be far away. Even though it’s deemed one of the safest forms of online payment, trojan-based malware has been spotted in a few applications designed for Apple’s operating system.


Table of contents

What Does Malware Do?
Kattana Trading App Copycats
Can You Spot the Differences?
Beware of Fishy Sales
Data Breaches and User Information
What’s the Goal?
Real-World Current Example

What Does Malware Do?

While there are a lot of things that malware could do, analysts have discovered that this new one targeting cryptocurrency trading apps for Macs is engineered to steal information, capture cookies, and even take screen captures. The cybercriminals behind this malware first worked out a way to redirect users to remote terminal sessions with a hard-coded IP address. This time, they’ve taken their skills a step further, targeting a legitimate trading app.

Kattana Trading App Copycats

Kattana is a trading app for Apple iOS that allows users to trade cryptocurrencies. It has many great features, which put it on the map as one of the best. However, over the last few years, its creators have been in a battle with hackers who made a copycat version of the app. The app’s creators took action fast when they found the copycat, though they were not aware of the hackers’ next step. A few other apps are out there, hiding behind the same setup as the trading app. Names like Cointazer, Cupatrade, and Licatrade have all been connected to Trojan malware.
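
A defender's check for the names listed above, added here as an example and not taken from the article or from any vendor tool: it looks for those names in each app bundle's folder name and in standard Info.plist fields. The sample bundles and the com.example identifier are constructed for the demonstration.

```python
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError

# App names taken from the article; matching is case-insensitive.
SUSPECT_NAMES = ("cointazer", "cupatrade", "licatrade")
# Standard Info.plist keys that carry an app's title, binary name or identifier.
PLIST_KEYS = ("CFBundleName", "CFBundleExecutable", "CFBundleIdentifier")

def bundle_strings(app: Path) -> dict:
    """Collect the bundle folder name plus identifying Info.plist values."""
    found = {"bundle": app.stem}
    try:
        with (app / "Contents" / "Info.plist").open("rb") as fh:
            info = plistlib.load(fh)  # reads XML and binary plists
    except (OSError, ValueError, ExpatError):
        return found  # missing or unreadable plist: folder name only
    for key in PLIST_KEYS:
        value = info.get(key) if isinstance(info, dict) else None
        if isinstance(value, str):
            found[key] = value
    return found

def scan(root: Path) -> list:
    """Return (bundle, field, value) for every suspect name found under root."""
    hits = []
    for app in sorted(root.glob("*.app")):
        for field, value in bundle_strings(app).items():
            if any(name in value.lower() for name in SUSPECT_NAMES):
                hits.append((app.name, field, value))
    return hits

def build_sample(root: Path) -> None:
    """Write constructed sample bundles (not real apps) for an offline run."""
    samples = {"Notes.app": {"CFBundleName": "Notes"},
               "Trader.app": {"CFBundleName": "Licatrade",
                              "CFBundleIdentifier": "com.example.licatrade"}}
    for name, info in samples.items():
        contents = root / name / "Contents"
        contents.mkdir(parents=True)
        with (contents / "Info.plist").open("wb") as fh:
            plistlib.dump(info, fh)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(Path(tmp))
        for hit in scan(Path(tmp)):  # on a Mac, scan Path("/Applications")
            print(*hit)
```

A name match only catches the titles already known; a copy rebranded under a new title passes this check, so a hit is a reason to investigate and a clean result is not proof of safety.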

Can You Spot the Differences?

When analysts first discovered the copycat, they could see why it was able to fool users. Most of the applications that were mimicking legit and trusted names looked exactly the same. The only differences between them were the title and a few colors, leaving security analysts shaken. Upon further analysis, they could not get to the bottom of how these applications spread. Moving files across the cloud was one suspected cause, though it was later put to rest. There were no third-party advertisements, which led them to believe that there was something else going on.

Beware of Fishy Sales

One thing some Mac users had in common was that they had been contacted by someone claiming to be from sales. The person on the other end of the line mentioned the cryptocurrency trading app and told them about all of the cool things it could offer. When these users went to the app, they found a clean and legitimate-looking app that many chose to download. They did not know that this app was used to collect information from their devices, including their user IDs and other sensitive information.

Data Breaches and User Information

In this year’s Cost of a Data Breach Report from IBM, the average cost of a data breach was estimated at $6.03 million. While this was targeted at large corporations and companies, it shone a light on the growing occurrence of cyber attacks. It also showed that attackers are getting more sophisticated with their methods, able to engineer applications and make copies that mimic legit websites and copy their exact features. While Apple seems to be taking care of these applications’ presence, they say that they do expect to see a rise in the number of applications with malware wrapped in.

So, what does this mean for the user? There will be an increased chance that someone could get ahold of their information. We don’t just mean their name or email: attackers could access login information and cookies, gaining access to other accounts. This could include access to banking accounts or other personal accounts that are tied to user financial information. A wise conclusion from this looming danger is to consult the long list of Mac malware cleaners and choose the one that suits you best in terms of protection and variety of features.

What’s the Goal?

One of the things that software companies look for when they analyze a security breach is its purpose. For now, Apple only knows that the group targeting the cybersecurity applications is doing so only to those related to Mac. How users get contacted and come to download the app is still only a guess, which is another mystery. While Apple is on top of it and constantly monitors for any behavior that seems to be a bit out of the ordinary, there are still concerns about the hackers’ next move. The key to stopping these cyber crimes is catching them early, as the attackers are always one step ahead of security analysts.

Real-World Current Example

While the crypto trade fraud was a negative experience for many users, it was also a good learning experience for security analysts. Application security experts can use this knowledge to build better security software and enhance their measures. As attacks happen and software engineers and security analysts learn more, they can prevent future users from downloading faulty apps and detect data breaches before they start. Though there have been a few users who wound up with apps that took over their device, Apple is hard at work to ensure that it doesn’t happen in the future and is securing more apps day by day.