A fake website mimicking BlueWallet, a legitimate Bitcoin wallet, is targeting Mac users with malware that steals passwords, accounts, and cryptocurrencies. Users are tricked into downloading and executing an AppleScript that bypasses security measures. The malware can steal sensitive data, hijack clipboard content, and remains persistent. Victims are advised to disconnect from the internet, run full scans, and change passwords immediately if they have executed the malware.
Key features include the ability to capture browser data, cryptocurrency wallets, and cloud credentials. The campaign highlights a growing trend in social engineering where users are manipulated into running malicious software.