SafeGuard warns of new crypto-stealing malware in Telegram
The malware spreads via spamming with images and hides on the victim's device as an operating system file
12.07.2022 - 15:20
361
1 min
0
What’s new? Cybersecurity solutions provider SafeGuard Cyber warned of the emergence of a malware to steal keys to crypto wallets, which is spreading in the Telegram messenger. According to the press release, the company first discovered the fraudulent software back in June. The program masqueraded as an image file posted to a public Telegram channel about trading and digital assets.
What is the danger of the virus? The program spreads through spam with images and is downloaded by clicking on the attachment. On the device, it hides itself as an operating system file and then creates hidden copies of the victim's public and private keys to steal cryptocurrencies from the wallet. The software also has backdoor functionality, which can be upgraded and equipped with additional features.
The company noted that hackers are increasingly using communication platforms to spread malware.
Earlier, analysts at Cyble described the PennyWise virus, which can steal data from 30 different cryptocurrency wallets, including cold ones. The virus is spread under the guise of free mining software, links to which are posted under tutorial videos on YouTube. PennyWise is built using an unknown crypter, making it difficult to remove.
Useful material?
Technologies
The new mechanism has already made it possible to calculate over tens of millions of fraudulent addresses
May 16, 2024
Incidents
The amount of damage amounted to $25 million in cryptocurrencies
May 16, 2024
Market
FTX customers will be compensated in cash, unlike Mt. Gox and Gemini customers who will receive cryptocurrencies
May 16, 2024
Technologies
It is available to crypto wallet users worldwide as an additional feature
May 15, 2024
Market
The ex-official known for his initiatives to explore the potential of blockchain in the financial system has joined the board of directors of a fintech company
May 14, 2024
Business
Earlier, Brad Garlinghouse claimed apparent harassment of the company by the US authorities
May 14, 2024