ESET Discovers Trojan Attack Targeting Cryptocurrency Traders Using Apple's MacOS

When researchers from ESET dug deeper, they found that the GMERA operators had integrated this malware with Kattana, a macOS-based crypto trading application.

The Internet security firm ESET has discovered a new trojan attack targeting crypto traders who use applications on Apple's macOS.

According to the findings, the malware targets crypto wallets and is integrated with fake digital asset trading apps, which can easily be mistaken for the legitimate platforms.

The malware is dubbed ‘GMERA,' and this is not the first time it has been used. Researchers from Trend Micro, another cybersecurity firm, came across it back in September 2019, when it posed as Stockfolio, a Mac-built stock investment app.

Upon digging deeper, ESET researchers found that GMERA operators had integrated the malware with the macOS crypto trading application Kattana. They then created a replica of the firm's website to promote four new copycat apps, namely Trezarus, Licatrade, Cupatrade, and Cointrazer. Notably, these malicious apps direct users to a ZIP archive containing the trojanized versions, which in turn target crypto wallets once downloaded.

The researchers went on to highlight that anyone who is not very familiar with Kattana's website can, therefore, easily be compromised:

“For a person who doesn’t know Kattana, the websites do look legitimate.”

The GMERA Malware

To fully understand how it works, ESET researchers analyzed samples of Licatrade, whose functionality is very similar to that of the other malware. According to the findings, GMERA installs a shell script on the target's computer, giving the attackers access to the user's system through the app.

They then use HTTP to set up communication between their command-and-control (C&C or C2) servers and the compromised machine. In doing so, they can steal information such as location, crypto wallets, and screen captures stored in the user's database. Following these findings, ESET raised the issue with Apple, leading to the revocation of Licatrade's certificate.
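A defender-side triage check built on the four app names above, as an added example that is not from ESET or the original article: it looks for app bundles carrying the copycat names and asks macOS whether each bundle's signature still passes. The search roots, function names and output format are assumptions, and a name match is only a hint for follow-up, since a renamed bundle would not be found.

```shell
#!/bin/sh
# Added example: sweep for app bundles named after the copycat apps in the article.
# The four names come from the article; everything else here is an assumption.
GMERA_APP_NAMES="Trezarus Licatrade Cupatrade Cointrazer"

# find_copycat_apps DIR... -> prints the path of every matching .app bundle
find_copycat_apps() {
  for root in "$@"; do
    [ -d "$root" ] || continue
    for name in $GMERA_APP_NAMES; do
      # -iname: case-insensitive match; -prune: do not descend into a hit
      find "$root" -maxdepth 3 -type d -iname "${name}.app" -prune -print 2>/dev/null
    done
  done
  return 0
}

# signature_status APP -> "valid", "rejected" or "unchecked"
# "rejected" covers unsigned, modified, or signed with a revoked certificate.
signature_status() {
  if ! command -v codesign >/dev/null 2>&1 || ! command -v spctl >/dev/null 2>&1; then
    echo "unchecked"   # not running on macOS: the tools are unavailable
    return 0
  fi
  if codesign --verify --deep --strict "$1" >/dev/null 2>&1 &&
     spctl --assess --type execute "$1" >/dev/null 2>&1; then
    echo "valid"
  else
    echo "rejected"
  fi
}

# triage DIR... -> one "status<TAB>path" line per hit; returns 1 if any hit exists
triage() {
  found=$(find_copycat_apps "$@")
  [ -n "$found" ] || return 0
  printf '%s\n' "$found" | while IFS= read -r app; do
    printf '%s\t%s\n' "$(signature_status "$app")" "$app"
  done
  return 1
}

# Typical call on a Mac:
#   triage /Applications "$HOME/Applications" "$HOME/Downloads"
```

Any hit deserves a closer look regardless of the reported status, because a bundle signed before the certificate was revoked may still sit on disk.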


Edwin Munyui
Edwin is a FinTech enthusiast with a particular interest in blockchain technology and cryptocurrencies. He has worked as an author in the blockchain space since 2017 and enjoys creating content that both crypto veterans and newbies can understand. His simple writing style and financial market knowledge have made him a reputable fundamental and technical analyst with the ability to handle any topic around blockchain and crypto over the years.
