Anti-malware software Malwarebytes highlighted two new forms of malicious computer programs propagated by unknown sources that are actively targeting crypto investors in a desktop environment. Since December 2022, the two malicious files in question — MortalKombat ransomware and Laplas Clipper malware threats — have been actively scouting the Internet for stealing cryptocurrencies from unwary investors, revealed the threat intelligence research team, Cisco Talos. The victims of this campaign are predominantly located in the United States, with a smaller percentage of victims in the United Kingdom, Turkey, and the Philippines, as shown below. The malicious software work in partnership to swoop …
How to protect yourself in the metaverse To protect yourself in the metaverse, use strong passwords, be cautious of suspicious activity, and limit the amount of personal information shared online. Here are some ways to protect yourself in the metaverse: Use strong and unique passwords: Create secure passwords utilizing a variety of letters, numbers and symbols and steer clear of using the same one for many accounts. When disclosing personal information, exercise caution: Be cautious when sharing information online and be on the lookout for unauthorized requests for personal information. Utilize two-factor authentication: To further secure your accounts, use two-factor …
Financial authorities in Germany are raising the alarm amid the rapid spread of a new financial malware affecting banking and cryptocurrency applications. Germany’s Federal Financial Supervisory Authority (BaFin) released an official statement on Jan. 9, warning consumers of “Godfather,” a malware collecting user data in banking and crypto apps. BaFin emphasized that the new virus is targeting about 400 banking and crypto apps, including those operating in Germany. Godfather malware attacks users by displaying fake websites of regular banking and crypto apps, stealing their login data. According to the regulator, it is yet to be determined how the malware attacks …
Hackers hide malware in fake NFT game A phishing website purporting to offer a Pokémon-branded nonfungible token (NFT) card game has been spreading malware to unsuspecting gamers, a cybersecurity firm has warned. The website, which at the time of writing was still online, also claims to offer an NFT marketplace, with a link to buy tokens and even an area to stake NFTs all based on the popular Japanese media franchise. However, an arm of the South Korean cybersecurity firm AhnLab, warned the public about website on Jan. 6, noting that instead of downloading the game, users were actually downloading …
Malware, ransomware attacks and phishing are not the only scourges of the crypto industry as the Metaverse could become a big target next year, according to cybersecurity experts. In its “Consumer Cyberthreats: Predictions for 2023” report on Nov. 28, cybersecurity firm Kaspersky forewarned that there will be greater exploitation of the Metaverse due to lacking data protection and moderation rules. Kaspersky acknowledged there are currently only a handful of metaverse platforms, but the number of metaverses is set to expand in the coming years and the market could even top $50 billion by 2026. That expansion will entice cyber criminals …
Bitcoin (BTC) is forecasted to be a less enticing payment choice by cybercriminals as regulations and tracking technologies improve, thwarting their ability to safely move funds. Cybersecurity firm Kaspersky in a Nov. 22 report noted that ransomware negotiations and payments would rely less on Bitcoin as a transfer of value as an increase in digital asset regulations and tracking technologies will force cybercriminals to rotate away from Bitcoin and into other methods. As reported by Cointelegraph, ransomware payments using crypto topped $600 million in 2021 and some of the biggest heists such as the Colonial Pipeline attack demanded BTC as …
A newly upgraded version of a banking and crypto app targeting malware has recently resurfaced on the Google Play store, now with the capability to steal cookies from account logins and bypass fingerprint or authentication requirements. A warning about the new version of the malware was shared by malware analyst Alberto Segura and treat intelligence analyst Mike Stokkel on Twitter accounts on Sept. 2, sharing their co-authored article on Fox IT’s blog. We discovered a new version of #SharkbotDropper in Google Play used to download and install #Sharkbot! The found droppers were used in a campaign targeting UK and IT! …
Crypto mining malware has been sneakily invading hundreds of thousands of computers around the world since 2019, often masquerading as legitimate programs, such as Google Translate, new research has found. In an Aug. 29 report by Check Point Research (CPR), a research team for American-Israeli cybersecurity provider, Check Point Software Technologies, the malware has been flying under the radar for years, thanks partly to its insidious design which delays instaling the crypto mining malware for weeks after the initial software download. .@_CPResearch_ detected a #crypto miner #malware campaign, which potentially infected thousands of machines worldwide. Dubbed ‘Nitrokod,” the attack was …
A new strain of crypto-malware is being spread via YouTube, tricking users to download software that’s designed to steal data from 30 crypto wallets and crypto-browser extensions. Cyber intelligence company Cyble in a June 30 blog post said it had been tracking the malware known as PennyWise — likely named after the monster in Stephen King’s horror novel It — since it was first identified in May. “Our investigation indicates that the stealer is an emerging threat,” wrote Cyble in a blog post on June 30: “In its current iteration, this stealer can target over 30 browsers and cryptocurrency applications …
Cybersecurity experts identified and disclosed the rising popularity of airdrop phishing among crypto and nonfungible token (NFT) scammers. Airdrops serve as an essential marketing tool for crypto projects, which involves sending free cryptocurrency tokens or NFTs to promote awareness among investors. However, a new report released by Malwarebytes Labs highlighted an alarming rise in airdrop phishing attempts as scammers try to cash in on the hype around Yuga Labs’ BAYC Ape-related NFT collection. Airdrop phishing: what is it, and how is my cryptocurrency at risk? https://t.co/kWG09l06fi — Malwarebytes (@Malwarebytes) May 3, 2022 Malwarebytes recorded that the most common airdrop phishing …
Research by cyber security firm ESET has uncovered a “sophisticated scheme” that disseminates Trojan apps disguised as popular cryptocurrency wallets. The malicious scheme targets mobile devices using Android or Apple (iOS) operating systems which become compromised if the user downloads a fake app. According to ESET's research, these malicious apps are distributed through bogus websites, and imitate legitimate crypto wallets, including MetaMask, Coinbase, Trust Wallet, TokenPocket, Bitpie, imToken, and OneKey. The firm also discovered 13 malicious apps impersonating the Jaxx Liberty wallet, available on the Google Play Store. Google has since removed the offending apps, which were installed more than …
An unfortunate Bitcoin (BTC) user was duped out of 0.255 BTC, almost $10,000, due to malware running on their computer. Louis Nel, a tech blogger and crypto enthusiast, flagged the issue on Twitter, referring to his friend as ‘C.’ A friend sent 0.255BTC from his bitcoin wallet to an exchange. He copied and pasted the wallet address on his computer. After 4 hours he was worried when the funds did not arrive at the exchange... — Louis Nel (@LouisNel) March 14, 2022 Nel told Cointelegraph that C’s “Bitcoin was sent from Kraken to VALR, a South African exchange,” however, “malware …