itcoin #BTC

Just came across some concerning intel on a macOS malware that’s been circulating on darknet forums. It’s called macOS-HVNC, and the full form is Hidden VNC - basically a remote access tool that gives attackers complete system control without the user even knowing about it.

Here’s what makes this particularly dangerous: the program targets your login credentials, personal data, cryptocurrency holdings, and financial information. It’s been floating around since April 2023 with updates rolling out through July. The asking price? A $100,000 escrow deposit just to get access. That escrow mechanism is how darknet forums work - money held by admins as insurance in case the product doesn’t match the listing.

The threat landscape around this is worth paying attention to. According to BlackBerry’s research, finance, healthcare, and government sectors get hit hardest by these kinds of attacks. We’ve seen similar patterns with other notorious malware families - RedLine has been stealing crypto and banking info for years, Clop ransomware hit banking platforms like Hatch Bank, and you’ve got older players like SmokeLoader (active since 2011) still causing problems.

Malware like RaccoonStealer and Vidar have become increasingly common too. The fact that cybercriminals are willing to invest this heavily in macOS-specific tools suggests they see real value in targeting Apple users, which has traditionally been seen as more secure.

If you’re in crypto or finance, this is worth being aware of. Keep your systems patched, use hardware wallets for significant holdings, and stay skeptical of any suspicious activity on your Mac. The crypto community especially needs to be vigilant about these threats.