Date:23/01/19
In Autumn 2018 cryptocurrency mining enthusiasts began noticing messages suggesting they install a tool for monitoring cryptocurrency prices. The app developers promised a certified, trusted and free widget. At first glance, this program doesn’t raise any suspicions. It has a valid digital signature and works exactly as promised. But behind this seemingly flawless functionality, there’s a hidden catch: it will steal your private data.
Upon installation, the program compiles and runs malicious code downloaded from the developer’s personal Github account. Once completed, it uploads Trojan.PWS.Stealer.24943, also known among malware developers as AZORult, to a victim’s device. This Trojan allows cybercriminals to steal a vast amount of private data, including passwords from cryptocurrency wallets.
In most cases encountered by Doctor Web researchers, this malware was distributed in English on forums dedicated to cryptocurrency mining. It was seen less often on Polish and Russian forums dedicated to the same subject.
At present, the Trojan is still available on several file exchanges, as well as on the Github account mentioned earlier. Dr.Web products successfully detect and remove this type of malware. That said, our cybersecurity researchers strongly advise you to timely renew your anti-virus subscription and install all the latest updates.
Dr.Web detects new computer virus hacking cryptocurrency wallets
In Autumn 2018 cryptocurrency mining enthusiasts began noticing messages suggesting they install a tool for monitoring cryptocurrency prices. The app developers promised a certified, trusted and free widget. At first glance, this program doesn’t raise any suspicions. It has a valid digital signature and works exactly as promised. But behind this seemingly flawless functionality, there’s a hidden catch: it will steal your private data.Upon installation, the program compiles and runs malicious code downloaded from the developer’s personal Github account. Once completed, it uploads Trojan.PWS.Stealer.24943, also known among malware developers as AZORult, to a victim’s device. This Trojan allows cybercriminals to steal a vast amount of private data, including passwords from cryptocurrency wallets.
In most cases encountered by Doctor Web researchers, this malware was distributed in English on forums dedicated to cryptocurrency mining. It was seen less often on Polish and Russian forums dedicated to the same subject.
At present, the Trojan is still available on several file exchanges, as well as on the Github account mentioned earlier. Dr.Web products successfully detect and remove this type of malware. That said, our cybersecurity researchers strongly advise you to timely renew your anti-virus subscription and install all the latest updates.
Views: 378
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
