New Nova Stealer Attacking macOS Users

Source: Cyber Security News

The Nova Stealer malware has recently emerged, posing a significant threat to macOS users by focusing on cryptocurrency wallet theft. This malware cleverly replaces legitimate applications like Ledger Live and Trezor Suite with fake versions designed to steal users’ wallet recovery phrases. Attackers initially deploy a script from a command-and-control server, which installs hidden components on the victim’s system to monitor and manipulate installed applications.

Once Nova Stealer is active, it executes an orchestrator script that manages the downloading of additional modules, enhancing its functionality and persistence. This includes the dangerous ability to detect installed cryptocurrency wallet applications, remove the originals, and replace them with malicious versions, all while avoiding detection through various technical means. The fake applications convincingly imitate genuine wallet interfaces, prompting users to enter their seed phrases while their input is secretly transmitted to the attackers.

Moreover, Nova Stealer’s dedicated modules not only exfiltrate sensitive wallet files but also collect system information to refine the attackers’ approach. This comprehensive and stealthy operation marks Nova Stealer as a sophisticated threat, necessitating increased awareness and security measures for cryptocurrency users.
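Because the attack swaps the genuine wallet bundle for a look-alike, one defensive check is to compare each installed wallet's code-signing identity against a value recorded from a vendor download. The sketch below is an added example, not code from the original article; the Team IDs are placeholders and both sample outputs are constructed, with the ad hoc signed case being an assumption about what a replaced bundle might look like.

```python
import subprocess

# Placeholder Team IDs (assumption): record the real values from a copy of each
# app downloaded directly from the vendor, before trusting this check.
EXPECTED_TEAM_IDS = {
    "Ledger Live.app": "AAAAAAAAAA",
    "Trezor Suite.app": "BBBBBBBBBB",
}

def read_signature(app_path):
    """Run codesign on macOS; it writes the -dv details to stderr."""
    proc = subprocess.run(["codesign", "-dv", "--verbose=4", app_path],
                          capture_output=True, text=True)
    return proc.stderr

def parse_codesign(text):
    """Collect key=value lines; Authority repeats, so keep it as a list."""
    info = {"Authority": []}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key == "Authority":
            info["Authority"].append(value)
        elif sep:
            info[key] = value
    return info

def assess(app_name, codesign_text):
    """Return a list of findings; an empty list means the identity matches."""
    expected = EXPECTED_TEAM_IDS.get(app_name)
    if expected is None:
        return ["no expected Team ID recorded for this app"]
    info = parse_codesign(codesign_text)
    findings = []
    if info.get("Signature") == "adhoc":
        findings.append("ad hoc signature")
    team = info.get("TeamIdentifier", "not set")
    if team != expected:
        findings.append(f"TeamIdentifier {team} does not match {expected}")
    if not any(a.startswith("Developer ID Application:") for a in info["Authority"]):
        findings.append("no Developer ID Application authority")
    return findings

# Constructed sample output, not taken from a real bundle or from the malware.
GENUINE = """Executable=/Applications/Ledger Live.app/Contents/MacOS/Ledger Live
Authority=Developer ID Application: Example Vendor (AAAAAAAAAA)
TeamIdentifier=AAAAAAAAAA"""
REPLACED = """Executable=/Applications/Ledger Live.app/Contents/MacOS/Ledger Live
Signature=adhoc
TeamIdentifier=not set"""
```

On a Mac, pass `read_signature("/Applications/Ledger Live.app")` to `assess` in place of the sample text; any non-empty result means the bundle should be treated as untrusted and reinstalled from the vendor.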

👉 Read the original: Cyber Security News