Massive crypto-stealing malware operation hits Eurasia

BleepingComputer reports that more than 28,000 individuals across the Eurasian region, most of whom were from Russia, had their cryptocurrency assets compromised in a massive cryptostealer malware operation.

Malicious GitHub pages and YouTube videos containing links to purported cracked office software, automated trading bots, and game cheats have been leveraged to facilitate the download of self-extracting, password-protected archives, which deploy obfuscated scripts, an AutoIT interpreter, and DLL files before tracking and terminating active debugging tools, according to a Dr. Web report. Researchers then noted the delivery of the “Deviceld.dll” payload, which runs SilentCryptoMiner, and the “7zxa.dll” payload, which swaps wallet addresses copied to the Windows clipboard for attacker-controlled addresses and was found to have stolen $6,000 worth of cryptocurrency transactions. Threat actors then exfiltrate the obtained system information using a Telegram bot. The campaign underscores the importance of downloading software only from official websites.