Hackers steal more than $400 000 in cryptocurrencies with a Trojan in a fake Tor browser
According to Kaspersky Lab, about 16 000 users of digital assets have been affected by the malware
30.03.2023 - 10:00
352
3 min
0
What’s new? Experts at Kaspersky Lab warned about the spread of a fraudulent scheme using a fake Tor browser. When downloading from a third-party web resource, it gets infected with malware capable of extracting and modifying the contents of the clipboard. About 16 000 cryptocurrency users from 52 countries suffered from the Trojan, and the total damage in 2023 alone exceeded $400 000.
Material on the Secure List website
How does cryptocurrency theft happen? Once on the device, the software registers in the autostart system, masquerading as a popular application, such as uTorrent. As soon as the cryptocurrency wallet address appears in the clipboard, the program automatically replaces it with another address belonging to hackers, which causes the user to lose money.
The program performed address substitution in several popular blockchain networks at once: Bitcoin, Ethereum, Monero, Dogecoin, and Litecoin.
The top 10 countries most affected by the malware were Russia, Ukraine, the United States, Germany, Uzbekistan, Belarus, China, the Netherlands, the United Kingdom, and France. The main mistake users made was downloading and launching Tor Browser from third-party sites. To protect against losing money, Kaspersky Lab recommends downloading the application only from the official site, as well as using antivirus software.
A similar threat was previously reported by ESET. The company found trojans on WhatsApp and Telegram for Android and Windows. Attackers place advertising links to YouTube channels on Google, which then redirects users to fake application sites. A downloaded version of the messenger with malware can replace cryptocurrency wallet addresses sent in chat messages.
SafeGuard warns of new crypto-stealing malware in Telegram
The malware spreads via spamming with images and hides on the victim's device as an operating system file
According to Kaspersky Lab, in 2022, the number of cryptocurrency phishing attacks increased by 40%, reaching 5 million. In one year every seventh user of digital assets suffered from them.
Useful material?
Market
Due to supply shortages, the asset’s pre-market exchange rate was climbing above $1000
Dec 16, 2024
Incidents
Reports about the hacking of the exchange with calls to withdraw assets began to spread on December 13
Dec 13, 2024
Crypto regulations
Stablecoins from issuer Circle will not be affected by the changes
Dec 12, 2024
Crypto regulations
The platform will launch after meeting the preconditions of the local exchange authority
Dec 9, 2024
Market
The $1,1 billion figure was reached after the bitcoin correction
Dec 6, 2024
Crypto regulations
By early January, all open positions and loans of local users will be closed and repaid automatically
Dec 5, 2024