Researchers warn 3 apps have been stealing crypto undetected for a year

Researchers warn 3 apps have been stealing crypto undetected for a year

Cyber security researchers have discovered a year-long malware operation that has targeted cryptocurrency users with the creation of a number of fake apps.

Security firm Intezer Labs warned that ever increasing crypto prices have created heightened activity among hackers and malicious actors seeking financial gains. The malware has been disseminated over the past year, but was only discovered in December 2020.

The new remote access trojan (RAT), dubbed ElectroRAT, has been used to empty the cryptocurrency wallets of thousands of Windows, macOS, and Linux users, the report added.

Three cryptocurrency-related apps deployed in the attack — Jamm, eTrade/Kintum, and DaoPoker — were all hosted on their own websites. The first two are bogus crypto trading apps while the third is gambling based.

The ElectroRAT malware hidden inside these apps is extremely intrusive according to the researchers;

“It has various capabilities such as keylogging, taking screenshots, uploading files from disk, downloading files, and executing commands on the victim’s console.”

After being launched on a victim’s computer, the apps show a foreground user interface designed to divert attention from the malicious background processes. The apps were promoted using social media platforms Twitter and Telegram in addition to cryptocurrency based forums such as Bitcointalk.

Intezer Labs estimated that the campaign has already infected “thousands of victims” who have had their crypto wallets emptied. It added that there was evidence that some victims who were compromised by the apps were using popular crypto wallets such as MetaMask.

The malware has been written in a multi-platform programming language called Golang which makes it harder to detect. The security firm stated that it was uncommon to see a RAT designed to steal personal information from cryptocurrency users that was written from scratch, adding;

“It is even rarer to see such a wide-ranging and targeted campaign that includes various components such as fake apps and websites, and marketing/promotional efforts via relevant forums and social media.”

There have been a number of cases in 2020 where fake versions of legitimate apps and browser extensions such as MetaMask or Ledger have made their way onto victims computers. This may be related to Ledger’s massive data breach in mid-December.

In September 2020, Coinbase users were among the victims of new Android-based malware disseminated through Google Play Store.

Title: Researchers warn 3 apps have been stealing crypto undetected for a year
Sourced From: cointelegraph.com/news/researchers-warn-3-apps-have-been-stealing-crypto-undetected-for-a-year
Published Date: Thu, 07 Jan 2021 03:00:05 +0000

2021's Most Anticipated Growth & Wealth-Building Opportunity

Join Thousands of Early Adopters Just Like You Who Want to Grow Capital and Truly Understand Cryptocurrency Together

Donna Burk

Donna Burk– Business News My Name is Donna Burk and I am also the main source from the ‘Dailynewssheet.com’ of all the exclusive and most delicate visualization of the activities in the business sector. My first step towards this journey was taken in the very early years of my life. I started with an independent financial consultant. However, I only had almost 4 years of skills and experience in this market. I have always been a free personality and like to fly one place to another, to explore more and more. Moreover, this passion and craze of traveling gave me a chance to report a section for best news associations. Last but not least, I am presently working full-time as an editor.

Leave a Reply

Your email address will not be published. Required fields are marked *

2021's Most Anticipated Growth & Wealth-Building Opportunity

Join Thousands of Early Adopters Just Like You Who Want to Grow Capital and Truly Understand Cryptocurrency Together