If you are a regular cryptocurrency user, you probably visit an exchange often to check the prices of different coins. Cookies are everywhere these days, on almost every website. But cookies from an exchange can now lead to serious issues if you use a Mac.
Not deleting the cookies after visiting your exchange can leave your personal data, passwords and confidential information such as credit card details vulnerable to being leaked to hackers.
A cybersecurity firm has recently said that malware may have been released that is able to get past the two-factor authentication process. The malware, called CookieMiner, steals credentials and cookies to gain access to users' accounts on exchanges. It appears to specifically target Mac users.
Besides stealing data and accessing accounts, it also mines Koto, another digital asset, using the person's information. Palo Alto Networks carried out a quick investigation and named the malware 'CookieMiner' because it steals cookies and performs cryptojacking, which means mining a currency for the benefit of the people behind the infection.
As described by Unit 42 of Palo Alto Networks, the malware is also able to steal passwords from Google Chrome, and it steals cookies in order to avoid two-factor authentication. Once the hacker has the authentication cookies, they can make the exchange's system believe that the request is not a new login but a continued, already verified session on the website. Like most malware, it can also install new applications or software, in this case for the purpose of mining.
According to the director of Palo Alto Networks, stealing credentials and cookies is nothing new and has been done by malware before. What is new about this malware is that it is able to skip the two-factor authentication provided by the exchange websites.
Although the malware is mining, having this much information about users can help hackers withdraw money from the accounts on the exchange, which can prove to be a faster and better profit for them.
Palo Alto Networks knows that the malware exists, but it cannot confirm which apps carry it. As soon as the research was done, the firm contacted several exchanges as well as two corporations, Google and Apple, which have helped in publishing this report.
Users are advised not to store any personal information or credentials in web browsers. Although this attack appears to target Mac users, similar attacks might happen on devices running other operating systems. So a piece of general advice to all users is to delete their cookies when they visit a website, especially a financial website.
According to Miller Osborn, this report was published to make clear to all users that Mac devices do have several problematic issues and that these cannot be ignored. Because Windows has the bigger share of the PC market, it gets more attention, but Apple has a lot of problems in its devices too, and they need to be seriously considered.