- Security scientists see fake headbok Live app that targets Mac users
- The app replaces the legitimate and shows a false critical error
- The error requires the user to submit their 24-word seed seed
Cyber criminals are aimed at cryptocurrency owners with Apple Mac devices using a very sophisticated piece of malware hiding in ordinary vision and aiming to steal their seed phrases.
A ‘seed seed’ is a 12 or 24-word combination that allows any opportunity to load an existing wallet into a new device and access all the means inside.
In a new report, security scientists Moonlock said there are currently four active campaigns distributing a fake headbok live app that spoofing an official offer that allows users to send, control and track their crypto portfolio.
“High-Stakes effort”
The campaign has reportedly been active since August 2024, and although the report does not discuss how the victims end up downloading the fake headbok Live app, it shows how it works: it replaces the existing, legitimate app, and then during the login process shows a false error message.
The “critical error” can only be remedied by submitting the 24-word seed seed, which is then immediately forwarded to the striker.
“This is not just a theft. It is a high effort to overlook one of the most reliable tools in the crypto,” explains Moonlock. “And the thieves don’t back down.”
“Users need to take the news as a clear signal to stay aware,” the researchers concluded, calling on users to be wary of phishing -e emails, never share their seed phrases with anyone and only download cryptocurrency —tegog -apps from legitimate sources.
Cryptocurrency users remain an important target for cyber criminals everywhere – in the US, users lost about $ 9.3 billion for various scams in 2024 alone, Coindesk Said, citing an FBI report, an increase of 66% compared to 2023.
Via Bleeping computer
