A newly published security report has confirmed what infosecurity professionals have seen over the past few months: a Bitcoin price surge fuelling a massive spike in password theft attacks. What is, perhaps, surprising is that it is Apple users who are mostly in the crosshairs of the crypto hackers.
Security vendor ESET has just published its new threat report that looks at threatscape trends from June through November 2024. While much of this is not in any way surprising to those who have been paying attention, like those who read my articles here, for example, that's not to say the report is without some shock-and-awe moments. The 335% increase in social media scams, such as AI deepfake and brand-impersonation phishing attacks on these platforms, is not one of them, given the time of year. That China-aligned, North Korea-aligned, and Iran-aligned threat groups have been getting more active when it comes to targeted ransomware attacks no longer sits in the shocking category either, sad to say. What didn't take my breath away either was the fact that password-stealing attacks targeting cryptocurrency wallets were up in the wake of the surge in Bitcoin value. What did, however, was that the most dramatic rise was seen in those attacks targeting macOS users.
"According to ESET telemetry data from H2 2024," the report stated, "cryptostealer numbers were up across multiple platforms, specifically Windows, macOS, and Android." However, password stealers targeting cryptocurrency wallets on macOS more than doubled in detections compared to H1. "Meanwhile," ESET said, "Windows cryptostealers grew by 56%, and Android financial threats, which include cryptostealing malware, by 20%."
The ESET analysis revealed a 127% increase in what it refers to as password stealing ware on the macOS platform, targeting credentials related to cryptocurrency wallets. "Although these threats cannot be classified solely as cryptostealers due to their broader functionality," the ESET security researchers said, "they are indicative of the rising trend in cryptostealing activities on macOS."
Much of this rise can be put down to one malware family known as Atomic Stealer or AMOS, which has spawned numerous imitators due to the success it has seen. "Since its inception in 2023," ESET confirmed, "various AMOS variants and copycats have appeared both for sale on the black market and in the wild."
With cryptocurrencies reaching record values, Jiří Kropáč, ESET director of threat detection, said that cryptocurrency wallet data was one of the prime targets of malicious actors. "The second half of 2024 seems to have kept cybercriminals busy finding security loopholes and innovative ways to expand their victim pool," Kropáč said, "in the usual cat-and-mouse game with defenders."
When it comes to geographies, the ESET analysis points to most detections of these macOS Bitcoin and other crypto attacks targeting the U.S., with Italy, China, Spain and Japan following behind.