PennyWise crypto-stealing malware spreads through YouTube
The malware targets Zcash and Ethereum wallets alongside Electrum, Atomic Wallet and Coinomi, it takes your browser extension and login data and reads your chat logs. A new strain of crypto-malware is being spread via YouTube, tricking users to download software that’s designed to steal data from 30 crypto wallets and crypto-browser extensions.Cyber intelligence company Cyble in a June 30 blog post said it had been tracking the malware known as “PennyWise” — likely named after the monster in Stephen King's horror novel “It” — since it was first identified in May.“Our investigation....
Related News
A trojan called CoinThief is stealing tens of thousands of dollars worth of BTC from unsuspecting Mac users. Contrary to popular belief, Macs do in fact get viruses. It's just that 91% of the world uses Windows while only 7% of the world uses OSX (The remaining percentage uses Linux). As such, virus makers have more incentive to create malware for Windows, because it simply makes sense to target the majority of computer users. This is generally great news for Mac users, since they remain virtually virus free. However, it can make them pretty complacent about security, and when a Mac virus....
Computer security firm Dell SecureWorks has managed to identify 146 types of bitcoin malware in the wild. The company's researchers found the distinct breeds of malware had been specifically designed to steal bitcoins - a number of them presenting quite a danger to owners with coins stored either online or on their computers. The firm concluded that the number of Windows-compatible cryptocurrency stealing malware (CCSM) strains has gone up in line with bitcoin's increase in value. The total of 146 strains is up from 45 a year ago, and 13 two years ago, the researchers say. The biggest....
The recent hacking and defacing of the blog and Twitter account of Mt. Gox CEO Mark Karpeles, and the leaking of a 716 Mb archive file that allegedly contained trade data, database dumps, personal information about Karpeles, and an app for remotely accessing Mt. Gox data, has apparently been a clever ruse to make users download Bitcoin-stealing malware. According to Kaspersky Lab expert Sergey Lozhkin, the file does contain (publicly available) data related to Mt. Gox trades, but also a Windows and a Mac Trojan.
Chainalysis warned that even “low-skilled cybercriminals” are using malware to swipe funds from crypto hodlers. Cryptojacking accounted for 73% of the total value received by malware related addresses between 2017 and 2021, according to a new malware report from blockchain analysis firm Chainalysis.Malware is used to conduct nefarious activity on a victim’s device such as a smartphone or PC after being downloaded without the victim’s knowledge. Malware-powered crime can be anything from information-stealing to denial-of-service (DDoS) attacks or ad fraud on a grand scale. The report....
New infected Rubygems packages have been spotted in its open-source software repository and which contained malicious code mainly used to steal cryptocurrencies from users via supply chain attack. Two Cryptocurrency-Stealers Rubygems Detected by Researchers at Sonatype According to Ax Sharma, a security researcher at Sonatype, the two gems detected — pretty_color and ruby-bitcoin — had malware that deployed the attack on Windows machines and replaced any bitcoin (BTC), ethereum (ETH), or monero (XMR) wallet addresses found on the victim’s clipboard by the attackers’....