Crypto-malware infected over 28,000 devices but stole just $6,000 worth of Bitcoin and Ethereum, Doctor Web reports.
Malware disguised as legit software mined crypto and stole wallet addresses by altering copied info on users' clipboards.
Sophisticated malware tricks users with fake apps and websites, like a WalletConnect scam that stole $70K from over 10,000 people.
Cybersecurity firm Doctor Web estimated that more than 28,000 devices have been infected with malware built to steal cryptocurrency. Recently, the malware disguised itself as legitimate software and stole $6,000 in Bitcoin and Ethereum from users, the majority being citizens of Russia and neighboring countries like Belarus, Uzbekistan, and Kazakhstan.
Doctor Web said that customers who mistakenly installed these fake apps received the malware, which was hidden behind office programs, game cheats, and trading bots. Despite infecting tens of thousands of devices, the hackers were only able to make off with a modest quantity of cryptocurrency. Furthermore, it's unknown how much money the malware's creator made overall by mining cryptocurrencies illegally.
How the Malware Operated
The malware used multiple techniques to steal crypto and avoid detection. Besides hijacking computing resources to mine crypto, it also employed a "clipper" mechanism to monitor and manipulate users' clipboard activity. When users copied wallet addresses, the malware replaced them with those controlled by the attackers, enabling the theft.
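A defender-side illustration of the clipper behaviour described above, added here and not taken from Doctor Web's report: it scans a timestamped log of clipboard contents and flags a wallet address that is replaced by a different address of the same coin within a short window. The event log, the two-second window and the function names are assumptions made for this example, and the addresses are constructed placeholders, not real wallets.

```python
import re

# Format-only patterns: they recognise address-shaped text, nothing more.
ADDRESS_PATTERNS = {
    "BTC": re.compile(r"^(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71})$"),
    "ETH": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def coin_of(text):
    """Return the coin whose address format the text matches, else None."""
    text = text.strip()
    for coin, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(text):
            return coin
    return None

def find_swaps(events, window=2.0):
    """Scan ordered (timestamp_seconds, clipboard_text) observations.

    Flags an address that is replaced by a different address of the same
    coin within `window` seconds (assumed threshold: faster than a person
    would normally copy a second address by hand).
    """
    alerts = []
    prev = None  # (timestamp, coin, text) of the previous observation
    for ts, text in events:
        text = text.strip()
        coin = coin_of(text)
        if (prev and coin and prev[1] == coin
                and prev[2] != text and ts - prev[0] <= window):
            alerts.append({"time": ts, "coin": coin,
                           "copied": prev[2], "replaced_by": text})
        prev = (ts, coin, text)
    return alerts

# Constructed clipboard log (placeholder addresses, not real wallets).
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "11" * 20),   # user copies an ETH address
    (10.3, "0x" + "22" * 20),   # different ETH address 0.3 s later
    (60.0, "1" + "A" * 33),     # user copies a BTC address
    (95.0, "1" + "B" * 33),     # another BTC address 35 s later: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The user-side counterpart of this check is to compare the pasted address with the intended one, character by character, before confirming a transfer.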
Moreover, the malware was designed to avoid antivirus scans by using password-protected archives. It disguised its malicious files as legitimate system components to prevent users from noticing the threat. The attack also relied on fraudulent GitHub pages and YouTube links to lure victims into downloading the infected software.
Rising Threat in the Crypto World
Binance recently warned about a surge in clipper malware activity, highlighting a significant spike in August. Clipboard malware has been a threat since the 2017 crypto bull run, but these attacks have become more sophisticated over the years, combining multiple malicious functions to maximize damage.
Moreover, cybercriminals have been exploiting other avenues. A fake WalletConnect app recently targeted mobile users and drained $70,000 from crypto wallets, tricking more than 10,000 victims into downloading it from the Google Play Store.
The post Crypto Frauds Target 28K Users, Steal $6,000 in Bitcoin and Ethereum appeared first on Crypto News Land.