Nasty MacBook with M1 malware could steal your cryptocurrency

MacBook Air
(Image credit: Laptop Mag)

Security researchers have found an ongoing malware campaign that's targeting M1 MacBook models, and it now has the potential to steal a user's cryptocurrency information. Once malicious actors get a hold of this, say goodbye to your digital tokens.

According to IT security company Trend Micro, the XCSSET malware can now run on ARM-based M1 processors via Xcode — Apple's integrated development environment (IDE) used to develop software for the iPhone, iPad and macOS

The malware was first spotted in August 2020 (via The Hacker News) but has only recently been updated to attack M1-equipped MacBook models, along with stealing cryptocurrency information.

As for how it works, XCSSET mainly targets Xcode developers. As the researcher points out, it loads malicious Safari frameworks and related JavaScript backdoors. Basically, it imitates packages such as “Safari 14” or icons for Big Sur and infects Xcode projects.

While the malware steals a user's private information on websites, it can also be used to impact cryptocurrency trading platforms by replacing the address in a user's cryptocurrency wallet with the malicious actors. Security researchers suggest users only "download apps from official and legitimate marketplaces."

Despite macOS Big Sur getting a boost in security, there will always be a new breed of malware for security researchers to deal with. While this hit mainly targets developers, this means there's a way for malware to slip past to infect more users.

This isn't the first malware to come to M1 MacBook models; we previously reported Apple's first malware threat to come to the tech giant's own ARM-based silicon.

(H/T Tom's Hardware)

Darragh Murphy
Editor

Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.