Crypto Malware Realst Steals From Apple Devices

Hackers are eyeing macOS devices to steal crypto through new malware called Realst.

Web3 play-to-earn games have come into the limelight because users can earn money by playing them. However, bad actors have been riding the hype to steal users’ crypto.

macOS Devices Infected Through Web3 Games

SentinelOne identified at least 16 variants of the crypto malware Realst by scanning around 59 samples. Some of the variants are capable of targeting the latest macOS 14 Sonoma.

Crypto malware Realst is written in the Rust programming language and can steal sensitive information such as wallet passwords or even private keys of the cryptocurrency wallet. 

The SentinelOne report mentions that the hackers install the crypto malware Realst through fake Web3 games, such as Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, Olymp of Reptiles, and SaintLegend. The malicious actors went one step further, creating social media handles and websites for the fake games.

Screenshot of fake Web3 game's Twitter handle.

How Does the Malware Work?

The hackers ask the victims to install the game, but the folder contains a game.py file. That particular file steals information from users’ devices. Another installer.py file steals information from iCloud Keychain, such as passwords and private keys.

Screenshot from SentinelOne report highlighting the malicious files of crypto malware Realst

One of the victims of the crypto malware Realst shared on X how hackers drained their wallets within 10 minutes of downloading the Brawl Earth game. They wrote:

“Project look serious, plenty of docs, Twitter with followers, Discord with hundreds of users. Before the meeting I decide to test it, there is a real playable game.”

The Brawl Earth team invited the victim for a call. But during the call, the team member deleted all the conversations and blocked the victim. Soon the victim realized that Brawl Earth had drained their crypto wallet.

Apple devices have recently been a frequent target for hackers, who use various methods. On Tuesday, BeInCrypto discussed a new crypto phishing attack compromising the two-factor authentication on Apple devices.

In April, Apple pushed out an urgent software update after discovering a critical vulnerability that allowed hackers to do almost anything, even steal crypto from victims’ devices. MetaMask has often warned users to be aware of phishing scams and the risks of backing up their wallet data on iCloud.

The cybersecurity company Kaspersky’s data shows that crypto phishing scams have increased by 40% year-on-year between 2021 and 2022. Ideally, users should store seed phrases or passwords offline, away from their devices, to reduce the risk of losing the data to hackers.
