BleepingComputer reports that more than 28,000 individuals across the Eurasian region, most of whom were from Russia, had their cryptocurrency assets compromised in a massive cryptostealer malware operation.
Malicious GitHub pages and YouTube videos containing links to purported cracked office software, automated trading bots, and game cheats have been leveraged to facilitate the download of self-extracting, password-protected archives, which then deploy obfuscated scripts, an AutoIT interpreter, and DLL files before tracking and terminating active debugging tools, according to a Dr. Web report. Researchers then noted the delivery of the “Deviceld.dll” payload, which runs SilentCryptoMiner, and the “7zxa.dll” payload, which swaps wallet addresses copied to the Windows clipboard for attacker-controlled addresses and was found to have stolen $6,000 worth of cryptocurrency transactions. Obtained system information would then be exfiltrated by threat actors using a Telegram bot. Such a development emphasizes the importance of downloading software only from official websites.