New macOS malware targets crypto wallets using unique DNS record approach

Cybersecurity researchers at Kaspersky have identified a new malware targeting macOS users, specifically those running versions 13.6 and above.

This malware poses a significant threat to digital cryptocurrency wallets, utilizing a unique method involving DNS records to deliver a Python script. Unlike traditional crypto theft methods, this malware focuses on popular wallets such as Bitcoin and Exodus by replacing legitimate applications with infected versions.

The strategy allows you to steal the crucial secret phrases needed to access crypto assets. The Trojan is delivered through compromised disk images containing a hidden activator, triggering the malicious application upon user password entry.

Kaspersky advises users to download applications from official sources, implement trusted security solutions, regularly update operating systems and applications, secure seed phrases, and use strong passwords to protect against such Trojans.