Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Bitcoin

Hackers Target Cryptocurrency Users With New ElectroRAT Malware (zdnet.com) 20

An anonymous reader quotes a report from ZDNet: Security firm Intezer Labs said it discovered a covert year-long malware operation where cybercriminals created fake cryptocurrency apps in order to trick users into installing a new strain of malware on their systems, with the obvious end goal of stealing victims' funds. The campaign was discovered last month in December 2020, but researchers said they believe the group began spreading their malware as early as January 8, 2020. Intezer Labs said the hackers relied on three cryptocurrency-related apps for their scheme. The fake apps were named Jamm, eTrade/Kintum, and DaoPoker, and were hosted on dedicated websites at jamm[.]to, kintum[.]io, and daopker[.]com, respectively.

The first two apps claimed to provide a simple platform to trade cryptocurrency, while the third was a cryptocurrency poker app. All three apps came in versions for Windows, Mac, and Linux, and were built on top of Electron, an app-building framework. But Intezer researchers say the apps also came with a little surprise in the form of a new malware strain that was hidden inside, which the company's researchers named ElectroRAT. Intezer researchers believe the malware was being used to collect cryptocurrency wallet keys and then drain victims' accounts. To spread the trojanized applications, Intezer says the hackers posted ads for the three apps and their websites on niche cryptocurrency forums, or they used social media accounts. Because of a quirk in the malware's design, which retrieved the address of its command and control server from a Pastebin URL, Intezer believes this operation infected around 6,500 users -- the total number of times the Pastebin URLs were accessed.

This discussion has been archived. No new comments can be posted.

Hackers Target Cryptocurrency Users With New ElectroRAT Malware

Comments Filter:
  • Cryptocurrencies = Digital Gold (BTC) + Digital Fool's Gold (ETH, XRP...)

    https://twitter.com/udiWerthei... [twitter.com]
    3/ So. Altcoins. To the untrained eye - the eye of a nocoiner - they really seem like a version of Bitcoin. You download a wallet, you get a key, you scan QR code.. it’s the same but it’s faster! Of course it’s going to win, right?
    4/ Except that’s just surface-level stuff. In reality altcoins are nothing like Bitcoin. Bitcoin is all about having the rules of the a game set i
    • One certainty, you can't prevent con-artists to build products that serve their interests and target people who can't get the difference between a real innovation and a fake innovation. Money is still a misunderstood field, most people can't understand why Gold was money for thousands of years. Indeed a most accurate and technical word is shitcoin. This last definition enables multi-layers scams.

      • by gweihir ( 88907 )

        Indeed. Well said.

        I know somebody that got caught up in a conventional Ponzi-scheme. The crypto"currency" hype has all the same warning signs, with promises of massively unrealistic profits, people sitting in their filter-bubble and fawning how great everything is and people that are more in the average area for intelligence believing they are much smarter than everybody not in on the thing and believing that they have understood some great big secret that all those supposedly smart people on the outside ha

    • Set in stone? Hardly, there's been numerous protocol changes and that's not going to stop.

      The difference is that with Ethereum there's a trademark owner which can determine that a fork should be called Ethereum without miner consensus. Whereas with Bitcoin it's kinda left up to the speculators what should be called Bitcoin and it's tradition to follow miner consensus.

      If push came to shove and 2 of the biggest exchanges took the minority side in a fork I'm not sure the tradition would stand though, they have

  • by gweihir ( 88907 ) on Wednesday January 06, 2021 @10:19AM (#60903028)

    Except for short-lived publicity stunts, you cannot buy anything with this stuff. All these fools are just hoping for even greater fools that will pay them more than they paid for it (directly or via mining) and take this completely worthless stuff off their hands.

  • I prefer Stainless Steel Rats.

  • And that is these people were installing un-vetted 3rd party applications and basically handing over encryption keys to it. REALLY....WTF are people thinking. It doesn't matter if you trust or even like crypto's, the main issue is that users were idiots and then got hosed because they were idiots.

  • ...if you're interested in more details on the macOS variant see, "Discharging ElectroRAT" https://objective-see.com/blog... [objective-see.com]
  • Criminals stealing imaginary money from other criminals. Good?

You know you've landed gear-up when it takes full power to taxi.

Working...