This has me wondering what parents do to keep the family tech secure. Do you just isolate the gamer kids on their own machine and network?
 
I love reading these articles to learn all the ******* crazy things I'd need to do to be vulnerable to these attacks.
 
Would having Little Snitch installed stop this sort of malware? Little Snitch pops up a connection dialog telling you a process/app wants to connect to a server, and you get to allow or deny it. If I saw something like this and had idiotically typed in my password, Little Snitch would stop this thing from sending any of my data anyway, right?

I mean, I'm not saying I would be fooled by this terribly-worded dialog that's missing the username, but for those who do, Little Snitch might be a secondary wall.
 
On the suggestions of others, I have downloaded the free version of Intego's Virus Barrier Scanner from the App Store, which I run once every six months or so and, as expected, it finds no problems.
If someone had downloaded this particular malware within a .dmg file and used Intego's Virus Barrier Scanner to check that .dmg file for malware, does anyone know what the likelihood is that it would have found that malware?
 
In other words, it might appear as the software you're pirating.
Greed + "Stupid is as stupid does" combine to make a hacker’s wet dream come true. Pirates and the gullible deserve what they get. Not a kind thing to say but true.
 
Walled gardens exist FOR A REASON.
Reference
Another Trojan - Cthulhu Stealer impersonates disk images of legitimate software that include:
CleanMyMac, Grand Theft Auto IV (appears to be a typo for VI), Adobe GenP

The source article mentions nothing about it being found in the app-store so the walled garden helps in this instance, but we all know that sometimes even the app-store can have a trojan on rare occasions. Also Mac uses its own realtime security, so it's not a walled garden because you can readily install from 3rd party web sites compared to the locked down iOS/iPadOS. See https://support.apple.com/guide/security/gatekeeper-and-runtime-protection-sec5599b66df/web

Probably from a web site that pushed the fake product under one of the IDs written up about for Mac users. If you want to install software, always do it from the actual web site of the developer, not just any method pushed to you on a website ad. Also don't open junk mail links of fake solicitations that are easy to recognize if you look at the link URL moving the cursor over it. ;)
 
Apple needs to develop an anti virus and malware software like Windows Defender
They have one already. The question here is with the malware now being over a year old and already abandoned by its creator:

1. Why are we getting an alert about it from these researchers only now?
2. Why hasn't Apple blocked it already?

===

I feel like the real issue here that nobody has brought up (not just here, but anywhere) is why is the admin account as required and powerful as it is?

It seems like there's a massive failure of properly designing permissions. Why does an admin account have read access to all of the stuff this malware steals? It seems like the only thing that should ever be able to access my browser data on my personal computer is the browser when I'm using it - there shouldn't be an admin account that can bypass that and read the data.

IDK - all of *nix permissions feel dated and improper for usage on personal computers. IDK how permissions work on Windows... do they make more sense over there?

As much as I hate how security and the filesystem works on iOS... I am starting to see the appeal... and honestly, I don't think it goes far enough. All files that an app on iOS saves shouldn't just be sandboxed so that other apps can't read it, but they should be encrypted such that not even any system or admin account can read it - only the app that made it should be able to decrypt and read it. Getting "root" or admin access shouldn't be as big of a deal as it is...
 
As much as I hate how security and the filesystem works on iOS... I am starting to see the appeal... and honestly, I don't think it goes far enough. All files that an app on iOS saves shouldn't just be sandboxed so that other apps can't read it, but they should be encrypted such that not even any system or admin account can read it - only the app that made it should be able to decrypt and read it. Getting "root" or admin access shouldn't be as big of a deal as it is...

That's pretty crappy and limits files to one app only. When working with GoPro video, for example, I'll run it through at least three different apps for different reasons, and finally I use a command-line tool to strip all the exif data, including the hidden stuff that companies like to add.

Multiple apps, for the same file and file type, are often needed.
 
In other words, it might appear as the software you're pirating.
Yeah, there's a good reason to respect the haxnodes of the world instead of whatever janky torrent you find a Russian seed for. Just like STDs, you can preach abstinence, but the virus spreads via kids and noobs, undeniably excited to find a new area of life to explore.

...and occasionally the desperate, who have no other way to get an old unavailable version of software req'd to make some expensive hardware work. Looking at you Nikon.
 