ESET Flags New Latin American Banking Trojan That Targets Crypto

Published at: Oct. 3, 2019

Major Slovakia-based antivirus software provider ESET has discovered a banking trojan that can steal cryptocurrencies and is especially widespread in Latin America.

Primary targets

Known as “Casbaneiro” or “Metamorfo,” the newly found malware family targets banks and cryptocurrency services located in Brazil and Mexico, ESET’s editorial arm WeLiveSecurity reports Oct. 3.

According to the report, Casbaneiro relies on social engineering: it displays fake pop-up windows that mislead potential victims into entering sensitive information. The malware's capabilities are typical of Latin American banking trojans. It can take screenshots and send them to a command-and-control server, simulate keyboard actions, capture keystrokes, restrict access to websites, and download and execute other tools, the report notes.

Stealing crypto via clipboard

Alongside banks, one of the major targets of Casbaneiro is cryptocurrency wallets. According to ESET, Casbaneiro is capable of monitoring the content of the clipboard and replacing crypto wallet addresses that victims have copied with addresses belonging to the attacker.
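A defender-side check for the clipboard swap described above, as an added example that is not from ESET's report: it scans a log of clipboard changes and flags a valid Bitcoin address that is replaced by a different valid address within a short interval. The log format, the one-second threshold and all function names are assumptions, and the addresses are constructed in the code, not real wallets.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def make_address(seed, version=0):
    """Build a constructed (not real) Base58Check address for the sample log."""
    payload = bytes([version]) + hashlib.sha256(seed).digest()[:20]
    raw = payload + _checksum(payload)
    num, out = int.from_bytes(raw, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    pad = len(raw) - len(raw.lstrip(b"\0"))  # leading zero bytes encode as '1'
    return "1" * pad + out

def is_btc_address(text):
    """True for a legacy Base58Check address (version byte 0x00 or 0x05)."""
    if not 26 <= len(text) <= 35 or any(c not in B58 for c in text):
        return False
    num = 0
    for c in text:
        num = num * 58 + B58.index(c)
    try:
        raw = num.to_bytes(25, "big")  # version + 20-byte hash + checksum
    except OverflowError:
        return False
    return raw[0] in (0, 5) and _checksum(raw[:21]) == raw[21:]

def find_swaps(events, max_gap=1.0):
    """events: (seconds, clipboard_text) pairs in time order (assumed format).
    Returns (time, copied_address, replacement) for each suspicious swap."""
    alerts, last = [], None
    for ts, text in events:
        text = text.strip()
        if not is_btc_address(text):
            last = None  # ordinary text breaks the address-to-address chain
            continue
        if last and text != last[1] and ts - last[0] <= max_gap:
            alerts.append((ts, last[1], text))
        last = (ts, text)
    return alerts

def constructed_session():
    """Constructed clipboard log for the example, not captured data."""
    a, b = make_address(b"payee"), make_address(b"other", version=5)
    return [(0.0, "invoice 4471"), (5.0, a), (5.2, b), (60.0, a), (95.0, b)]
```

Only the change at 5.2 seconds is flagged; the later address changes are far enough apart to be ordinary user copies.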

As noted in the report, ESET was aware of only one attacker wallet at the time of publication. Reportedly hardcoded in the binary, the wallet holds around 1.2 Bitcoin (BTC), worth $9,812 at press time, with a total of 71 transactions, according to Blockchain.com.

Additionally, the newly discovered malware uses multiple cryptographic algorithms, each intended to protect a different type of data, the report says.

On Sept. 26, American internet infrastructure firm Juniper Networks warned users of a new spyware called Masad Clipper and Stealer, which reportedly uses the Telegram app to replace crypto addresses with its own.
