Attackers Create Elaborate Crypto Trading Scheme to Install Malware



Attackers have created an elaborate scheme to distribute a cryptocurrency trading program that installs a backdoor on a victim's Mac or Windows PC.


Security researcher MalwareHunterTeam discovered a scheme where an attacker has created a fake company that is offering a free cryptocurrency trading platform called JMT Trader. When this program is installed, it will also infect a victim with a backdoor Trojan.



The making of a crypto trading malware scheme


This scheme starts with a professionally designed web site where the attackers promote the JMT Trader program as shown below.



JMT Trader Web Site

To promote the site and program, the attackers also created a Twitter account for the fictitious company. The account is fairly dormant, with its latest tweet being from June.



Twitter Account

If you attempt to download the software, you will be brought to a GitHub repository where you can find Windows and Mac executables for the JMT Trader application. This page also contains the source code for the trading programs for those who want to compile it under Linux. This source code does not appear to be malicious.



JMT Trader GitHub Repository

Using the JMT Trader program, a user can create various exchange profiles and use it legitimately to trade cryptocurrency. That's because this application and the above GitHub page are just clones of the legitimate QT Bitcoin Trader program that have been adapted for this malware operation.



JMT Trader Application

When the JMT Trader is installed, tho ..
