Researchers are calling this new malware a triple threat for crypto users


Cybersecurity experts at ESET published an in-depth study about a new malware named “KryptoCibule.” The malware specifically targets Windows users with three methods of attack: installing a crypto mining app, directly stealing crypto wallet files, and replacing copy/pasted wallet addresses to hijack individual transactions.

According to the cybersecurity firm, KryptoCibule’s developers rely on the Tor network and BitTorrent protocol to coordinate the attacks.

The malware’s original incarnation first appeared in December 2018. At that time, it was merely a Monero mining utility that quietly harvested users’ system resources to generate the currency. By February 2019, KryptoCibule had evolved to include ways to exfiltrate crypto wallet files from victim machines. Since then, the malware has added a third dimension to its attack base with the inclusion of kawpowminer — an application that mines Ethereum (ETH).

ESET telemetry revealed that victims have been actively downloading infected torrent files which contain KryptoCibule via a file-sharing site named Uloz. Most appear to be located in the Czech Republic and Slovakia.

The researchers noted that, despite its age, the malware “doesn’t seem to have attracted much attention until now”:

“Presumably the malware operators were able to earn more money by stealing wallets and mining cryptocurrencies than what we found in the wallets used by the clipboard hijacking component. The revenue generated by that component alone does not seem enough to justify the development effort observed.”

Cybersecurity firm Symantec noted in August that blockchain assets began surging in price following the March crash, claiming that this triggered a new wave of cryptojacking attacks.
