Malware disguised as applications for trading bitcoin and other digital money detected on the network

Hackers are distributing malware for macOS under the guise of cryptocurrency trading applications, according to cybersecurity company ESET. The criminals copied the interface of the Kattana platform. They offered to download a program for working with digital money on fake pages.

“Probably, social engineering methods are being applied to the victims: a download button is placed on fake websites with a link to a ZIP archive containing an application with a trojan,” the experts explained.


The rogue applications were distributed under the names Cointrazer, Cupatrade, Licatrade, Trezarus and contained the GMERA Trojan. They supported trading functions, but after installation, user data got to hackers. They found out personal data, location, information about cryptocurrency wallets and could take screenshots.

ESET analyzed the behavior of malware using the example of the Licatrade application. On the same day that the experts reported the problem, Apple revoked the certificate previously issued by Licatrade.