KryptoCibule malware uses Tor & Torrent sites to steal your cryptocurrency


The malware also mines Monero & Ethereum cryptocurrency on targeted devices. 


We’re seeing new variants of malware being deployed every day. Just yesterday we covered a skimmer funneling funds through Telegram, and today we’re back with a new report by WeLiveSecurity.


Shedding light on a new malware family named KryptoCibule, the researchers report on 3 main tasks that it seeks to perform:


Mining Monero and Ethereum cryptocurrencies using the CPU and GPU respectively
Stealing funds by replacing legitimate wallet addresses in the clipboard with attacker-controlled ones
Stealing and extracting cryptocurrency-related files
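
A defender-side illustration of the clipboard replacement described in the second task, added here and not taken from the WeLiveSecurity report or from the malware: it scans a constructed log of clipboard changes and flags an address that is replaced by a different address of the same type within a short window. The address patterns (approximate), the two-second window and all names are assumptions.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Assumed, approximate address shapes; the article does not say which
# wallet formats the malware rewrites.
ADDRESS_PATTERNS = {
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "monero": re.compile(r"[48][1-9A-HJ-NP-Za-km-z]{94}"),
}

class Swap(NamedTuple):
    timestamp: float
    kind: str
    original: str
    replacement: str

def classify(text: str) -> Optional[str]:
    """Return the address type if the whole clipboard text looks like one."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(candidate):
            return kind
    return None

def find_swaps(events: List[Tuple[float, str]], max_gap: float = 2.0) -> List[Swap]:
    """Flag an address replaced by a different same-type address within max_gap seconds.

    Heuristic: a person rarely copies two different addresses of the same
    type back to back; a clipboard hijacker rewrites the value right away.
    """
    swaps = []
    for (t_prev, prev), (t_cur, cur) in zip(events, events[1:]):
        kind = classify(prev)
        if kind is None or classify(cur) != kind:
            continue
        if prev.strip() != cur.strip() and (t_cur - t_prev) <= max_gap:
            swaps.append(Swap(t_cur, kind, prev.strip(), cur.strip()))
    return swaps

# Constructed sample: (seconds, clipboard text) recorded on each change.
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "a" * 40),   # user copies a payment address
    (10.3, "0x" + "b" * 40),   # value rewritten 0.3 s later: suspicious
    (60.0, "0x" + "c" * 40),   # a later, deliberate copy: not flagged
    (61.0, "invoice #12"),
]

if __name__ == "__main__":
    for swap in find_swaps(SAMPLE_EVENTS):
        print(f"{swap.timestamp}: {swap.kind} address replaced "
              f"{swap.original[:8]}... -> {swap.replacement[:8]}...")
```
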



Alongside this, a remote administration tool (RAT) is also used to maintain access to the victim’s machine in order to control it. Furthermore, both the Tor network and the BitTorrent protocol are used for transmitting data and for communication in general. This is yet another example of how legitimate services can be used by attackers for their own nefarious motives.



However, to date, only $1800 has been found in the attacker-held wallets, which makes the operation look not so lucrative, at least for the time being. There may be more, nonetheless, considering that WeLiveSecurity does not have a full view of all of the stolen amounts.


 


How the attackers spread the