
Nasty M1 MacBook malware could steal your cryptocurrency


Security researchers have found an ongoing malware campaign that's targeting M1 MacBook models, and it now has the potential to steal a user's cryptocurrency information. Once malicious actors get a hold of this, say goodbye to your digital tokens.

According to IT security company Trend Micro, the XCSSET malware can now run on ARM-based M1 processors via Xcode — Apple's integrated development environment (IDE) used to develop software for the iPhone, iPad and macOS.

The malware was first spotted in August 2020 (via The Hacker News) but has only recently been updated to attack M1-equipped MacBook models and to steal cryptocurrency information.

As for how it works, XCSSET mainly targets Xcode developers. As the researcher points out, it loads malicious Safari frameworks and related JavaScript backdoors. Basically, it imitates packages such as “Safari 14” or icons for Big Sur and infects Xcode projects.
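A defensive check for the Xcode-project infection described above, as an added example that is not from the original article or from Trend Micro: it lists the Run Script build phases in a `project.pbxproj` file so a developer can review what a project will execute at build time. It assumes an injected script would appear as a `PBXShellScriptBuildPhase` entry; the flagging heuristics and the sample project text are constructed for illustration.

```python
import re

# Plist string value: quoted (with backslash escapes) or bare token.
VALUE = r'(?:"(?P<q>(?:[^"\\]|\\.)*)"|(?P<bare>[^;\s]+));'
# One Run Script build phase in project.pbxproj, up to its shellScript key.
PHASE = re.compile(r'isa = PBXShellScriptBuildPhase;(?P<body>.*?)shellScript = ' + VALUE, re.DOTALL)
NAME = re.compile(r'\bname = ' + VALUE)
ESCAPES = {"n": "\n", "t": "\t"}

# Constructed review heuristics (assumptions, not indicators from any report).
HEURISTICS = {
    "hidden-path": re.compile(r'(?:^|[\s/"\'])\.[A-Za-z0-9_]+/'),
    "download": re.compile(r'\b(?:curl|wget)\b'),
    "decode": re.compile(r'\bbase64\b.*(?:-d|-D|--decode)'),
    "eval": re.compile(r'\beval\b'),
}

def value(m):
    """Return the unescaped string captured by VALUE."""
    if m.group("q") is None:
        return m.group("bare")
    return re.sub(r'\\(.)', lambda e: ESCAPES.get(e.group(1), e.group(1)), m.group("q"), flags=re.DOTALL)

def audit_pbxproj(text):
    """Return (phase name, script, flags) for every Run Script build phase."""
    findings = []
    for m in PHASE.finditer(text):
        n = NAME.search(m.group("body"))
        script = value(m)
        flags = sorted(k for k, rx in HEURISTICS.items() if rx.search(script))
        findings.append((value(n) if n else "(unnamed)", script, flags))
    return findings

# Constructed sample: fragment of a project.pbxproj with two Run Script phases.
SAMPLE = r'''
		AA0000000000000000000001 /* SwiftLint */ = {
			isa = PBXShellScriptBuildPhase;
			name = SwiftLint;
			shellPath = /bin/sh;
			shellScript = "swiftlint lint --quiet\n";
		};
		AA0000000000000000000002 /* ShellScript */ = {
			isa = PBXShellScriptBuildPhase;
			shellPath = /bin/sh;
			shellScript = "sh \"${SRCROOT}/.cache/setup.sh\"\n";
		};
'''

if __name__ == "__main__":
    for name, script, flags in audit_pbxproj(SAMPLE):
        print(f"{name}: {flags or 'no flags'}\n  {script.strip()}")
```

A flag is only a prompt for manual review of that build phase, since legitimate projects also run scripts at build time.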

While the malware steals a user's private information on websites, it can also be used to impact cryptocurrency trading platforms by replacing the address in a user's cryptocurrency wallet with the malicious actors' address. Security researchers suggest users only "download apps from official and legitimate marketplaces."

Despite macOS Big Sur getting a boost in security, there will always be a new breed of malware for security researchers to deal with. While this campaign mainly targets developers, it shows there's a way for malware to slip past and infect more users.

This isn't the first malware to come to M1 MacBook models; we previously reported Apple's first malware threat to come to the tech giant's own ARM-based silicon.

(H/T Tom's Hardware)