Red Security

Full Version: CookieMiner Malware Can Steal Crypto Exchange Cookies, Saved Passwords and iPhone SMS

    A new type of malware has been discovered, nicknamed 'CookieMiner' for its ability to steal cryptocurrency exchange cookies from the browser. It can also steal SMS messages, as well as financial and personal credentials from browsers. Researchers have compiled these findings, which lead them to believe that this deadly new malware could let an attacker bypass multi-factor authentication.

  This malware is mostly a scare for Mac users. It can download a base64-encoded Python script that it uses to retain a connection to the victim's computer.

  The attack begins with a shell script that steals browser cookies and sends a copy of them to a folder on a remote server. It then proceeds to target cookies associated with various crypto-exchanges. On top of all of this, it also installs a crypto-miner that uses the CPU (not the GPU) to mine Koto, a Zcash-based cryptocurrency.


  The researchers also stated the following: 


  “CookieMiner downloads a Python script named “harmlesslittlecode.py” to extract saved login credentials and credit card information from Chrome’s local data storage. CookieMiner adopts techniques from the Google Chromium project’s code for its decryption and extraction operations and abuses them.”

  
  On top of all of this, because the malware is able to use browser cookies, it's speculated that it may be able to bypass certain login conditions on websites, and hence the website would never send an alert or notification that there had been suspicious logins by a user.

  No mode of entry has been identified, but researchers involved in the matter stated that all users of a crypto wallet and/or exchange should keep a close eye on their wallets.

  
    Original article can be found here.


     That was the news, folks. Have a good week, and stay safe out there.



     ---Mad-Architect
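
A detection sketch for the behaviour described in the post, where a shell or Python script reads Chrome's cookie, saved-password and saved-card stores. This is an added example, not part of the original post or the researchers' report. The pipe-delimited event format, the allow-list, the sample events and the profile paths (taken from Chrome's usual macOS layout) are assumptions to check against your own sensor and Chrome version.

```python
import re
from pathlib import PurePosixPath

# Chrome profile files: session cookies, saved passwords, saved cards/autofill.
# Assumption: file names and layout as in Chrome's usual macOS profile directory.
SENSITIVE = {"Cookies", "Login Data", "Web Data"}
PROFILE_DIR = re.compile(r"/Library/Application Support/Google/Chrome/[^/]+$")
# Assumption: processes expected to open these files; tune for your fleet.
ALLOWED = {"Google Chrome", "Google Chrome Helper"}
# Interpreters and transfer tools; a hit from one of these is rated higher.
SCRIPT_HOSTS = {"sh", "bash", "zsh", "python", "python3", "curl"}

CHROME = "/Users/alice/Library/Application Support/Google/Chrome"
# Constructed sample events in a hypothetical format: time|process|pid|path
SAMPLE_EVENTS = [
    f"10:00:01|Google Chrome|412|{CHROME}/Default/Cookies",
    f"10:03:17|sh|977|{CHROME}/Default/Cookies",
    f"10:03:19|python|981|{CHROME}/Default/Login Data",
    f"10:03:19|python|981|{CHROME}/Profile 1/Web Data",
    f"10:04:00|backupd|55|{CHROME}/Default/Cookies",
    "10:05:00|python|990|/Users/alice/Documents/Cookies",
    "malformed line without fields",
]

def is_chrome_secret(path):
    """True if path is a sensitive file directly inside a Chrome profile dir."""
    p = PurePosixPath(path)
    return p.name in SENSITIVE and PROFILE_DIR.search(str(p.parent)) is not None

def detect(lines):
    """Return (severity, process, pid, file name) for each unexpected reader."""
    alerts = []
    for line in lines:
        parts = line.rstrip("\n").split("|", 3)
        if len(parts) != 4 or not parts[2].isdigit():
            continue  # skip malformed records instead of failing the run
        _ts, proc, pid, path = parts
        if proc in ALLOWED or not is_chrome_secret(path):
            continue
        severity = "high" if proc in SCRIPT_HOSTS else "medium"
        alerts.append((severity, proc, int(pid), PurePosixPath(path).name))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Process names are easy to fake, so a production rule should match on the executable's path or code-signing identity rather than the name alone.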