Cryptonews Bitcoin News Crypto-Stealing Malware Targets At Least 6.5K Victims

Crypto-Stealing Malware Targets At Least 6.5K Victims

Jaroslaw Adamowski
Last updated: | 2 min read

The ElectroRAT malware has been attempting to steal cryptoassets, including bitcoin (BTC), litecoin (LTC), ethereum (ETH), and monero (XMR), among others, from thousands of victims for the past year, according to a researcher at the New York-based cybersecurity company Intezer Labs.

Source: iStock/PeopleImages

Intezer estimates the campaign has infected thousands of victims, “based on the number of unique visitors to the pastebin pages used to locate the command and control servers.”

As of early January 2021, the user’s pastes have attracted close to 6,500 unique users, according to data obtained by the cybersecurity firm.

The development is part of a larger trend involving the spike in popularity of crypto-focused worms written in Golang, an open-source programming language.

Avigayil Mechtinger, Security Researcher at Intezer, said the company discovered the wide-ranging operation last December, but believes it was launched in January 2020.

“This extensive operation is composed of a full-fledged marketing campaign, custom cryptocurrency-related applications and a new Remote Access Tool (RAT) written from scratch,” Mechtinger said, adding it involved domain “registrations, websites, trojanized applications, fake social media accounts and a new undetected RAT that we have named ElectroRAT.”

Developed to target a number of operating systems, including Windows, Linux, and MacOS, the remote access trojan (RAT) was created with the use of Electron, a framework used to build a desktop app, hence the name.

“It is rather common to see various information stealers trying to collect private keys to access victims’ wallets. However, it is rare to see tools written from scratch and used to target multiple operating systems for these purposes,” the researcher said. “The attacker behind this operation has lured cryptocurrency users to download trojanized applications by promoting them in dedicated online forums and on social media.”

According to the company, if you were, or suspect that you are a victim of this scam, take the following steps:

  • Kill the process and delete all files related to the malware.
  • Make sure your machine is clean and running 100% trusted code using Intezer’s tools mentioned above.
  • Move your funds to a new wallet.
  • Change all of your passwords.

Also, in a related development indicating the surge of multi-platform malware developed in Golang, Intezer recently discovered a worm that has been using its victims’ hardware to mine Monero. The malware targets public-facing services such as MySQL, Tomcat, Jenkins, and WebLogic.

“The worm attempts to spread across the network in order to run XMRig Miner on a large scale. The malware targets both Windows and Linux servers and can easily maneuver from one platform to the other,” Mechtinger said.
___

Learn more:
Crypto Security in 2021: More Threats Against DeFi and Individual Users
Teaching True Story: Trader Robbed of Nearly USD Half Million in Bitcoin
The Ledger Saga: Death Threats, SIM Swaps, Lawsuits & No Reimbursements

Bitcoin Ethereum Litecoin Monero Security

Most Popular

Blockchain News
Crypto Lawyer John Deaton Is Outraising Elizabeth Warren In Election Campaign
Bitcoin News
Australian Crypto Mining Companies Collapse into Liquidation Owing 450 Investors
Blockchain News
Robert Kiyosaki Says No to Spot Bitcoin ETF Investments
Blockchain News
Mango Markets Hacker Found Guilty, Faces 20 Years in Prison: Reuters
Blockchain News
Binance Co-Founder Says Former CEO CZ Is in a ‘Positive Situation’ Ahead of Sentencing
Altcoin News
Best Crypto to Buy Now April 19 – Bitcoin, Dogwifhat, THORChain

Latest news

Blockchain News
Mango Markets Hacker Found Guilty, Faces 20 Years in Prison: Reuters
Blockchain News
Binance Co-Founder Says Former CEO CZ Is in a ‘Positive Situation’ Ahead of Sentencing
Altcoin News
Best Crypto to Buy Now April 19 – Bitcoin, Dogwifhat, THORChain
Bitcoin News
Bitcoin’s Fourth Halving Imminent: Less Than 100 Blocks Away – Here’s What Happens Next
Blockchain News
SEC Reworks Justin Sun Tron Lawsuit, Claims Founder “Traveled Extensively”
Blockchain News
Galactic Group Launch AAA Web3 Play-to-Own Game Publisher With World-Class Talent
Blockchain News
Andreas Brekken, Founder of SideShift.ai, on Bull Run, Meme Coins, and Ethereum Sharding | Ep. 327

Similar News