From the Depths: Analyzing the Cthulhu Stealer Malware for macOS

216.73.216.6

From the Depths: Analyzing the Cthulhu Stealer Malware for macOS

· Published 23/08/2024 09:17 · Modified 23/08/2024 10:00

Essential information

Published: 23/08/2024 09:17
Modified: 23/08/2024 10:00
Tags: 2024-08-23 atomic stealer cryptocurrency cthulhu stealer golang maas macos stealer
Related entities: 9 observables, 1 intrusion sets (apt), 10 techniques (mitre), 2 malware

Description

This report analyzes Cthulhu Stealer, a malware-as-a-service targeting macOS users to steal credentials and cryptocurrency wallets. It explores the malware's functionality, including prompting users for passwords, dumping keychain data, and exfiltrating stolen information. The analysis compares Cthulhu Stealer to Atomic Stealer, another macOS malware with similar capabilities, and provides insights into the malware's operators and distribution methods via underground forums.

External references

https://www.cadosecurity.com/blog/from-the-depths-analyzing-the-cthulhu-stealer-malware-for-macos
https://otx.alienvault.com/pulse/66c853a35a6f07522e8ebde9