"Cthulhu Stealer is an Apple disk image (DMG) that is bundled with two binaries, depending on the architecture," Cato Security researcher Tara Gould said. "The malware is written in Golang and disguises itself as legitimate software."
"The main functionality of Cthulhu Stealer is to steal credentials and cryptocurrency wallets from various stores, including game accounts," Gould said.
Users who end up launching the unsigned file after explicitly allowing it to be run - i.e., bypassing Gatekeeper protections - are prompted to enter their system password.
The functionality and features of Cthulhu Stealer are very similar to Atomic Stealer, indicating the developer of Cthulhu Stealer probably took Atomic Stealer and modified the existing code to create this new variant.
[
Collection
]
[
|
...
]