Mac Users Beware: ‘Realst’ Malware Emerges, Specifically Targeting Crypto Wallets

2023-7-26 16:00

A new and challenging form of malware dubbed “Realst” currently targets macOS and Windows users, posing a particular risk to Apple computer owners.

This cunning malware disguises itself as fake blockchain games, such as Brawl Earth and Dawnland, and spreads through social media promotions and direct messages, putting unwary users in harm’s way.

When unwary victims fall into its trap and use the offered access codes to access the threat actor’s website, their devices become prone to attack.

Realst demonstrates its destructive goal by silently stealing sensitive data from web browsers and cryptocurrency wallet apps, exposing users’ personal information and digital assets.

Security researcher iamdeadlyz discovered Realst, which was first thought to target macOS users, but it has since been found that Windows users are also at risk.

RedLine Stealer, AsyncRAT, and Raccoon Stealer are just a few of the malware strains introduced onto Windows workstations by the threat, making it tough to detect.

Unraveling Realst’s Stealthy Approach

SentinelOne, a cybersecurity organization, examined 59 “Mach-O” samples of Realst and discovered a range of active macOS variants, each showing signs of rapid development. This rapid evolution increases the difficulty of tracking and combating malware effectively.

Realst infects devices through deceptive PKG installers and DMG disk files for macOS users, cunningly concealed to resemble genuine games or decoy software. When malware is implanted, it takes hold and gives unauthorized users access to personal data and digital wallets.

An alarming element of Realst is the presence of a cross-platform Firefox information stealer known as “game.py.” This script efficiently harvests sensitive data from users’ web browsers, providing threat actors with a wealth of exploitable information.

Moreover, Realst employs “chainbreaker,” an open-source macOS keychain database, to obtain stored passwords and internet account credentials in clear text format, heightening the risk to victims.

Experts Call For Vigilance And Caution Against Malware

The desire to steal cryptocurrencies is the main driver behind these attacks. Unaware users are seen as a tempting target by hostile actors as digital assets become more popular and valuable.

Experts emphasize the importance of caution while installing software from unknown sources, mainly social media adverts and direct messages, as malware adapts and spreads. To stay safe, users must rely solely on official app stores and verified websites for their software needs.

By implementing these safety measures and raising awareness about the Realst threat, users can better protect themselves from this malicious menace.

Featured image from The SSL Store

Similar to Notcoin - Blum - Airdrops In 2024

origin »

ITAM Games (ITAM) на Currencies.ru

$ 0.0259608 (+0.00%)
Объем 24H $21
Изменеия 24h: 1.08 %, 7d: 0.10 %
Cегодня L: $0.0259608 - H: $0.0259608
Капитализация $0 Rank 7799
Цена в час новости $ 0.0075864 (242.2%)

users malware realst unwary such brawl dawnland

users malware → Результатов: 126


SecureBrain joins the PolySwarm decentralized cyber threat intel marketplace

PolySwarm, a crowd-sourced marketplace for threat intelligence and malware detection, has announced SecureBrain Corporation as its latest threat detection partner. SecureBrain’s threat detection technology will be active on PolySwarm starting this month February, detecting threats and helping users get determinations on potentially malicious files and URLs.

2020-2-10 14:06


Kaspersky: Lazarus Hackers To Steal Crypto Using Telegram in ‘Operation AppleJesus Sequel’

The Moscow-based cybersecurity firm Kaspersky has informed cryptocurrency users that North Korean hackers have developed new ways of delivering malware through Telegram. Kaspersky has been looking at the latest attacks of the Lazarus Group, a North Korea-related cybercrime organization that has also conducted the AppleJesus attack on some of the most important crypto exchanges in […]

2020-1-10 22:16


Cybercriminals are targeting healthcare companies with phishing campaigns to steal sensitive data

Healthcare providers are facing an unprecedented level of social engineering-driven malware threats, according to new research. The findings — disclosed by California-based enterprise security solutions provider Proofpoint US — discovered at least 77 percent of email attacks on the medical sector during the first three months of 2019 involved the use of malicious links.

2019-10-9 19:00


Newly Discovered Spyware Uses Telegram Bots to Steal Cryptocurrency from a Number of Wallets

Jupiter Threat Labs recently released a report about a newly discovered commercial spyware called “Masad Clipper and Stealer.” It uses Telegram bots as its command and control (C2) to phish information from Windows and Android users, along with the capability to steal cryptocurrency from unsuspecting victims, while dumping more malware on their devices. The report […]

2019-9-28 00:30


Фото:

Android users suckered for $100s by basic calculator and QR scanning apps

If all the different types of malware that find a way to sneak into the Google Play Store wasn’t enough, here’s another nasty surprise. A new category of apps called “Fleeceware” has been unearthed on the app distribution platform; these apps were found to abuse the Play Store policies and grossly charge users hundreds of dollars for mundane services like calculators and QR code scanners.

2019-9-26 09:30


Фото:

VPN apps with 500M+ installs caught serving disruptive ads to Android users

Google Play Store has a malware problem. And it doesn’t seem to go away despite the company’s best efforts to rein in sketchy apps. In a yet another instance of Android adware, New Zealand-based independent security researcher Andy Michael found four Android VPN apps with cumulative downloads of over 500 million that not only serve ads while running the background, but are also placed outside the apps, including the home screen.

2019-9-20 14:53


Фото:

Google purges 24 malware-ridden apps that were downloaded 500,000 times

Android just can’t seem to shake off its malware issues.  A new malware campaign targeting Android has been found to engage in ad fraud at least since early June 2019. The findings, disclosed by cybersecurity firm CSIS Security Group, reveal that the malware — called Joker — is designed to surreptitiously sign users up for premium service subscriptions, in addition to stealing the victim’s SMS messages, the contact list, and device information.

2019-9-10 10:46