MacOS users are facing a new security threat from malware capable of hijacking Telegram Desktop sessions and stealing cryptocurrency wallet data. The malware, discovered by SlowMist researchers, exploits authenticated session files, bypassing standard security measures, according to Coin Central.The macOS malware targets information stored locally on infected devices, including passwords, browser cookies, Apple Notes and Telegram Desktop session files. Instead of breaking login credentials, the malware copies existing authenticated session data. This allows attackers to restore access to a Telegram account on a different device without needing the user's phone number, verification codes, or even the two-step verification password, as the copied session bypasses these checks. The attack also targets popular cryptocurrency wallet applications such as Exodus, Atomic, Electrum, Wasabi, and Monero, as well as hardware wallet applications like Ledger Live and Trezor Suite. It also searches for full-node wallet databases for Bitcoin Core, Litecoin Core, Dash Core, and Dogecoin Core.SlowMist advises users to immediately terminate all active Telegram sessions, change their two-step verification password and Telegram Desktop passcode, and move any funds from potentially compromised wallets to new, clean wallets on uncompromised devices.Source: Coin Central
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds




