Always, where there is money, those who want to steal it very quickly appear.
The contents of users' cryptocurrency wallets are increasingly becoming the target of Trojan horses and viruses. The constant increase in the interest of Internet scammers in cryptocurrencies is quite understandable - their value is growing every minute. This is why new types of malware appear regularly, but they can all be divided into five main categories.
Viruses and Trojans appeared first, stealing a file with keys from a user’s wallet installed locally (most often, wallet.dat). Keyloggers, clipboard interception, screen capture, etc. are used to obtain passwords from encrypted key files. This category of malware is constantly evolving: support for new wallets and cryptocurrencies is being added, the ability to intercept user information to obtain a password from a key file is expanding, etc.
As soon as it became clear that cryptocurrency mining could bring in a lot of money, the attackers came up with the idea of using their victims’ devices to mine cryptocurrency for their own personal purposes. The victim provides computing power and pays for electricity, and the fraudster receives a net profit. This category of malware does not pose a direct threat to the user's funds, but, in most cases, causes a decrease in the device's performance, as well as its frequent overheating.
Fraudsters have noticed that most users do not check long and complex addresses when making cryptocurrency transactions; almost everyone simply copies the address to the clipboard and then reports it to the correspondent, or they themselves make a transaction to the copied address. Thus, an attacker only needs to track that the address of a cryptocurrency wallet is on the clipboard and replace it with a similar one, but already owned by the author of the Trojan. As a result, the victim herself transfers her funds into the hands of the fraudster, and since Since cancellation of transactions in cryptocurrencies is impossible, the funds will not be returned.
The next category of viruses does not aim to gain access exclusively to cryptocurrency, but poses a great danger to owners of funds in cryptocurrency.. These Trojans are quite complex and represent a whole complex of malicious software that monitors the sites visited by the victim (wallets, exchanges, etc.), tracks keystrokes, mouse movements, regularly captures the screen, intercepts email messages and incoming SMS to gain access to the user’s financial resources.
Well, and of course, we must not forget about the notorious and extremely malicious “encryptors”, which, after infecting a device, encrypt its hard drive, block the system’s operation and extort rewards for unlocking and decrypting data. Lately, more and more often, attackers are demanding payment of funds in cryptocurrency because... in this case, it is almost impossible to track the final recipient.
In our next articles we will definitely give detailed recommendations for ensuring the security of your cyber savings. In any case, always use the latest anti-virus software, activate maximum protection measures for the online services you use and just be vigilant when making transfers and visiting suspicious resources.
You May Also Like
The FacexWorm virus is being spread via Facebook Messenger
Security researchers at Trend Micro have discovered a malicious extension for the Chrome browser that interferes with users' cryptocurrency transactions in various ways. The malware, called "FacexWorm", enters the victim's browser through a YouTube link that prompts the user to install an extension to play videos. Once it is installed, the virus penetrates the account and distributes the same link among the user's friends.
Know your enemy: white hat hacker Tayo Dada reveals how cybercriminals operate
Not long ago, British Airways and Facebook were on the long list of hacker victims. Such events hit the reputation of companies quite hard; many clients stop trusting them. But what do the hackers themselves get as a result of these attacks?
