Hackers Target Cryptocurrency Users With New ElectroRAT Malware (zdnet.com)
An anonymous reader quotes a report from ZDNet: Security firm Intezer Labs said it discovered a covert year-long malware operation where cybercriminals created fake cryptocurrency apps in order to trick users into installing a new strain of malware on their systems, with the obvious end goal of stealing victims' funds. The campaign was discovered last month in December 2020, but researchers said they believe the group began spreading their malware as early as January 8, 2020. Intezer Labs said the hackers relied on three cryptocurrency-related apps for their scheme. The fake apps were named Jamm, eTrade/Kintum, and DaoPoker, and were hosted on dedicated websites at jamm[.]to, kintum[.]io, and daopker[.]com, respectively.
The first two apps claimed to provide a simple platform to trade cryptocurrency, while the third was a cryptocurrency poker app. All three apps came in versions for Windows, Mac, and Linux, and were built on top of Electron, an app-building framework. But Intezer researchers say the apps also came with a little surprise in the form of a new malware strain that was hidden inside, which the company's researchers named ElectroRAT. Intezer researchers believe the malware was being used to collect cryptocurrency wallet keys and then drain victims' accounts. To spread the trojanized applications, Intezer says the hackers posted ads for the three apps and their websites on niche cryptocurrency forums, or they used social media accounts. Because of a quirk in the malware's design, which retrieved the address of its command and control server from a Pastebin URL, Intezer believes this operation infected around 6,500 users -- the total number of times the Pastebin URLs were accessed.
Cryptocurrency is a nonsensical terminology! (Score:1)
https://twitter.com/udiWerthei... [twitter.com]
3/ So. Altcoins. To the untrained eye - the eye of a nocoiner - they really seem like a version of Bitcoin. You download a wallet, you get a key, you scan QR code.. it’s the same but it’s faster! Of course it’s going to win, right?
4/ Except that’s just surface-level stuff. In reality altcoins are nothing like Bitcoin. Bitcoin is all about having the rules of the a game set i
Re: (Score:2)
One certainty, you can't prevent con-artists from building products that serve their interests and target people who can't get the difference between a real innovation and a fake innovation. Money is still a misunderstood field, most people can't understand why Gold was money for thousands of years. Indeed a most accurate and technical word is shitcoin. This last definition enables multi-layer scams.
Re: (Score:3)
Indeed. Well said.
I know somebody that got caught up in a conventional Ponzi-scheme. The crypto"currency" hype has all the same warning signs, with promises of massively unrealistic profits, people sitting in their filter-bubble and fawning how great everything is and people that are more in the average area for intelligence believing they are much smarter than everybody not in on the thing and believing that they have understood some great big secret that all those supposedly smart people on the outside ha
Re: Cryptocurrency is a nonsensical terminology! (Score:2)
Set in stone? Hardly, there's been numerous protocol changes and that's not going to stop.
The difference is that with Ethereum there's a trademark owner which can determine that a fork should be called Ethereum without miner consensus. Whereas with Bitcoin it's kinda left up to the speculators what should be called Bitcoin and it's tradition to follow miner consensus.
If push came to shove and 2 of the biggest exchanges took the minority side in a fork I'm not sure the tradition would stand though, they have
Re: Cryptocurrency is a nonsensical terminology! (Score:2)
Whatever the majority of miners say is valid, is valid. You can discard them and scream the blockchain is no longer Bitcoin, but the tradition is to follow the consensus and you would not be part of it.
Re: (Score:2)
Yeah, people smashing their hamhocks into their keyboards on twitter is a great way to base a financial system.
Re: (Score:2)
No, I'm describing a flag day hard fork. Which could easily have happened to Bitcoin with segwit2x.
The religious distinction you assign to older bitcoin core being able to validate the blockchain is rather arbitrary (assuming you increase DB_CONFIG of course, so not exactly the older bitcoin core ... but somehow that's not a hard fork because of reasons). Most speculators won't assign the same value to it as you.
There are no "cryptocurrency users" (Score:4, Insightful)
Except for short-lived publicity stunts, you cannot buy anything with this stuff. All these fools are just hoping for even greater fools that will pay them more than they paid for it (directly or via mining) and take this completely worthless stuff off their hands.
Re: (Score:2)
Re: (Score:2)
ElectroRAT? (Score:2)
I prefer Stainless Steel Rats.
Missing The Point (Score:2)
And that is these people were installing un-vetted 3rd party applications and basically handing over encryption keys to it. REALLY....WTF are people thinking. It doesn't matter if you trust or even like crypto's, the main issue is that users were idiots and then got hosed because they were idiots.
Technical Analysis of the Mac Variant (Score:1)
There is no honor amongst thieves (Score:1)