Malware disguised as applications for trading bitcoin and other digital money was found on the network
Hackers are spreading malware for macOS under the guise of cryptocurrency trading apps, according to cybersecurity company ESET. Criminals copied the interface of the Kattana platform. They offered to download a program for working with digital money on fake pages.
"It is likely that social engineering methods are applied to the victims: fake sites host a download button with a link to a ZIP archive that contains an application with a Trojan," the experts explained.
The fraudulent applications were distributed under the names Cointrazer, Cupatrade, Licatrade, Trezarus and contained the GMERA Trojan. They supported the trading function, but after installation the user data is routed to the remote hackers. They found out personal data, location, information about cryptocurrency wallets and could take screenshots.
ESET analyzed the work of malware using the example of the Licatrade application. On the same day that experts reported the problem, Apple revoked the certificate issued by Licatrade earlier.