CookieMiner

CookieMiner is a malicious software, or malware, specifically designed to exploit and damage computer systems with the primary objective of stealing cryptocurrency. Its method of operation involves extracting login credentials and credit card information from unsuspecting users. The malware targets passwords and login details for cyberwallets stored on Google Chrome, browser authentication cookies linked to cryptocurrency exchanges, and even iTunes backups containing text messages. This comprehensive data collection enables CookieMiner to bypass two-factor authentication, gaining access to victims' cryptocurrency wallets and subsequently draining their funds. The malware's sophisticated techniques include configuring the victim's machine to mine cryptocurrency, maintaining persistence, and reporting all wallet-related file paths to its remote server for future uploads according to command and control (C2) instructions. In addition to stealing cryptocurrency, CookieMiner also attempts to pilfer credit card information from major issuers such as Visa, Mastercard, American Express, and Discover. To accomplish these tasks, it abuses decryption and extraction operations adopted from the Google Chromium project's code. In summary, CookieMiner represents a significant threat to individuals and organizations due to its multifaceted approach to cyber theft. It not only compromises personal and financial information but also uses the infected machines for cryptocurrency mining. The malware's ability to bypass two-factor authentication underscores the sophistication of its design and the magnitude of the threat it poses. Users are advised to maintain updated security protocols and be cautious of suspicious downloads, emails, or websites to mitigate the risk of infection.