Info Stealer
ThunderKitty
First seen: 2024-01 • Status: active
Currently Active Threat
ThunderKitty is a Mac stealer that goes after crypto wallets, SSH keys, and cloud accounts.
Overview
ThunderKitty is an emerging macOS stealer that targets crypto wallets, SSH keys, and cloud credentials.
How It Spreads
- • Fake apps
- • Phishing
What It Does
- • Crypto theft
- • SSH key theft
- • Cloud credential theft
Is your business exposed?
Target Platforms
macOS
Detection Tips
- • Monitor for SSH key access
MITRE ATT&CK Techniques
T1555, T1552
If You're Infected
- 1.
Rotate all SSH keys
- 2.
Reset cloud credentials
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required