Research: $160 Malware Botnet Tries to Steal Crypto From 72,000 Devices

Published at: Oct. 4, 2019

Around 72,000 devices in 2019 alone were infected during a suspiciously cheap yet successful malware campaign to steal cryptocurrency, new data warns. 

MasterMana continues to spread

According to the research report published by cyberintelligence company Prevailion on Oct. 2, the MasterMana botnet uses budget Russian malware that is delivered as a Trojan via a phishing email scam.

The malware itself likely costs just $100, though the hackers also required a virtual public server at a cost of $60. 

Despite costing just around $160 in total, MasterMana achieved considerable success, Prevailion warned, concluding that the bad actors behind it reached 2,000 devices each week since December 2018. The researchers noted: 

“This campaign’s threat actors saw an opportunity and appear to have carved out a nice niche for themselves. We suspect that this particular threat actor is likely to continue operations, as previous public reporting has not deterred them, therefore we wanted to highlight their new modus operandi, so that network defenders may more easily identify their operations.”

Threats abound for crypto users

The malware arrives as an infected document in a phishing email. If a user opens the document, it triggers a series of events that create backdoors to steal any cryptocurrency holdings in associated hot wallets.

The resurgence in the price of cryptocurrencies this year has led to new threats being detected on an almost weekly basis.

Just last week, cybersecurity experts warned about new spyware that used the encrypted messenger Telegram to replace user wallet addresses with its own.

Major Slovakia-based antivirus software provider ESET recently discovered a banking trojan that can steal cryptocurrencies and is especially widespread in Latin America.

As Cointelegraph reported, estimates put the total amount raised by cybercriminals this year at $4.3 billion.
