​Microsoft warned of malware for hacking crypto wallets

What’s new? Microsoft, a US-based company, has warned of new malware targeting cryptocurrency wallets. The company has introduced the term cryware, which refers to the theft of information from non-custodial hot cryptocurrency wallets.

Information on Microsoft’s website

Cryptocurrency wallets can exist both in the form of software as well as physical devices. A hot wallet, unlike a cold wallet, has a permanent connection to the internet. A non-custodial wallet is a wallet for which only its owner has a key. In the case of a custodian wallet, the operator (custodian) also has it, allowing one to recover a lost password.

What else does Microsoft warn about? The company’s blog contains a lot of useful information about malware attacks targeting cryptocurrencies. These cyberattacks can involve spoofing a user’s cryptocurrency address with a clipboard that stores copied and pasted text. For example, a virus can replace characters on the clipboard when a user pastes a copied wallet address into an application.

What do other experts say? Some point out that this threat is nothing new, malware that can steal cryptocurrency wallet information from users’ devices has been around for years. Lawrence Abrams, the Editor in Chief of BleepingComputer, called to “stop making up new malware classifications.”

Microsoft is now calling info-stealers that target cryptocurrency wallets .... cryware!Almost all info-stealing malware steal crypto wallets, and have been for years.Please stop making up new malware classifications. It's confusing enough for many as it is. pic.twitter.com/8C3rY9xSfW— Lawrence Abrams (@LawrenceAbrams) May 17, 2022

What is known about Microsoft? It is an American technology company headquartered in Redmond, Washington. It was founded in 1975. The company develops, manufactures, licenses, supports, and sells computer software, consumer electronics, personal computers, and related services.

What events happened before? On May 14, cryptocurrency services Etherscan, CoinGecko, and DeFi Pulse reported incidents of a malicious pop-up, offering users to connect their MetaMask crypto wallets. A preliminary investigation revealed that the phishing attack was caused by a malicious ad script on the affected sites.

On April 17, the MetaMask team warned users of the cryptocurrency wallet of the danger of storing data on Apple iCloud because of the possible phishing attacks.

In February, Google Cloud released Virtual Machine Threat Detection (VMTD), a service designed to help users vulnerable to cryptocurrency mining attacks.