Cybercriminals are using fake Ledger Live apps to drain macOS users’ cryptocurrency by stealing their seed phrases, a cybersecurity firm has warned.
The malware replaces the legitimate Ledger Live app on the victim’s device and then prompts the user to enter a seed phrase through a fake pop-up message, a team from Moonlock explained in a May 22 report.
“Initially, attackers could use clones to steal passwords, notes and wallet details to get a glimpse of the wallet’s assets, but they can’t withdraw funds,” the Moonlock team said.
It added: “Now, within a year, they have learned to steal seed phrases and empty their victim’s wallets.”
One way scammers replace the real Ledger Live app with a clone is through Atomic macOS Stealer, malware designed to steal sensitive data, which Moonlock said it found lurking on at least 2,800 hacked websites.
After infecting the device, Atomic macOS Stealer steals personal data, passwords, notes and wallet details, and replaces the real Ledger Live app with a fake one.
“The fake app then displays a compelling alert to prompt the user to enter their seed phrase,” the Moonlock team said.
“After entering, the seed phrase is sent to an attacker-controlled server and the user’s assets are exposed within seconds.”
Malware campaign active since August
Moonlock has been tracking malware that distributes malicious clones of Ledger Live. It has observed at least four active campaigns since August and believes hackers “will only get smarter.”
Threat actors on the dark web are offering malware with “Reverse LEDGER” capabilities. However, one of the samples Moonlock examined did not include the full reverse phishing functionality described in the advertisement. The company speculates that the features may be “still under development or are being updated in the future.”
“It’s not just theft. It’s a high-risk effort that makes Mart one of the most trusted tools in the cryptocurrency world. And, the thief isn’t backing down,” Moonlock said.
“On the dark web forums, chats around reverse potential plans.
To avoid falling prey to a malware scam like this one, the cybersecurity firm recommends being wary of any page that warns of a critical error and asks for a 24-word recovery phrase.
Meanwhile, never share seed phrases with anyone or type them into any website, no matter how legitimate it looks, and only download Ledger Live from its official sources.
Ledger did not immediately respond to Cointelegraph’s request for comment.