A new Trojan campaign is the latest in Bitcoin scam news, designed mainly to steal cryptocurrency from macOS users. The campaign uses malware called GMERA and targets cryptocurrency traders who use trading applications on the Apple macOS operating system.
According to reports from the Internet security company ESET, the malware comes integrated into legitimate-looking cryptocurrency trading applications and tries to steal users’ crypto funds directly from their wallets.
Researchers from another cybersecurity firm, Trend Micro, first discovered the GMERA malware in September 2019, when it was posing as the Mac-specific stock investment application Stockfolio.
In the reports, which are now viral in crypto news, ESET says that it found a malware operation that integrated GMERA into the original macOS cryptocurrency trading application named Kattana. The operators also copied the company’s website and are actively promoting the new copycat applications, which include Cointrazer, Cupatrade, Licatrade and Trezarus, all of which come packed with the malware.
These fake websites carry a download button linked to a ZIP archive containing the trojanized version of the app, and have full support for trading functionalities. The researchers noted:
“For a person who doesn’t know Kattana, the websites do look legitimate,” adding that the attackers are directly contacting their targets and “socially engineering them” into downloading the infected application.
To analyze this malware, the research team at ESET took samples from Licatrade, which, according to them, has minor differences from the malware in the other applications yet still functions in the same way.
The new Trojan attack works by installing a shell script on the victim’s computer, which gives the operators full access to the user’s system. The shell script lets the attackers set up a command-and-control (C&C, or C2) channel over HTTP between their servers and the victim’s system. The C2 servers help them consistently communicate with the compromised machines.
According to the findings, the GMERA malware steals information such as user names, crypto wallets, location and screen captures from the users’ system. However, ESET also said that they reported the issue directly to Apple and the certificate it uses.
Stefan has been writing articles for DCForecasts since 2016 in-house full time. As one of our main cryptocurrency writers, he focuses on covering the latest cryptocurrency news, technical charts, price analyses of coins and press releases. When he is not exploring and covering the latest topics in crypto, you can find Stefan playing basketball, tennis or cycling.