New CookieMiner crypto malware targets Macs, exchanges

Cryptocurrency mining malware is becoming a huge threat. McAfee Labs has estimated that the growth of the thieving software has grown 4,000% year over year, and there doesn’t seem to be any slowdown as it continues to spread like wildfire. The latest iteration is beginning to make its rounds and threatens to turn Mac devices into rotten apples.

Fortune magazine has a report on research published by Palo Alto Networks yesterday, on the new CookieMiner malware. It is apparently a variant of the OSX.DarthMiner malware that popped up last month and also targets Apple devices, as did its predecessor.

CookieMiner can modify computers by manipulating cookies, allowing malicious software to be installed in order to mine crypto assets. It is reportedly designed to mine the Koto coin, a private CPU-based cryptocurrency out of Japan.

In addition, the malware steals users’ digital cookies in both Safari and Chrome browsers. Many exchanges, including Coinbase, Binance and others, will install cookies on the users’ computers in order to make accessing the exchanges and personal information easier. It can also grab saved usernames, passwords and financial information from Chrome – but not from Safari. Palo Alto didn’t specify whether or not CookieMiner targets Firefox, Edge or other browsers.

If access to that data is gained by thieves, they can easily log into a user’s account and withdraw funds. This is obviously a more efficient method, when compared to mining, for someone looking to generate some extra income.

Jen Miller-Osborn, Palo Alto’s deputy director of threat intelligence, states that researchers have yet to identify which apps may be infected or may inherently carry the malware. She adds that the security firm has only been able to identify its existence, but states that it’s possible that CookieMiner could be present in apps outside the Apple App store, since crooks will want to avoid Apple’s security protocols.

Mac computers have long been believed to be safe from most security risks. Miller-Osborn states, “There is this fallacy that Macs can’t be compromised. When you look at [PC] market share, Windows has the most of it so naturally Windows gets the most attention.” However, there is a growing threat to all Apple devices that cannot be ignored. It’s important that all computer users take precautions to protect any data, especially that related to financial transactions.