In brief

  • Intezer Labs has discovered malware in fraudulent cryptocurrency apps.
  • Jamm, eTrade, and DaoPoker were fake apps designed to steal users’ crypto keys.
  • The “ElectroRAT” malware has apparently affected at least 6,500 users to date.

Thousands of cryptocurrency users have reportedly fallen victim to crypto apps that were advertised as legitimate but secretly contained malware that infiltrated users’ computers and stole information, including cryptocurrency wallet keys.

Security firm Intezer Labs discovered and extensively detailed the exploit, which it has dubbed ElectroRAT, in a report issued today. The malware was first discovered in December, although data from a pastebin used by the exploit suggests that it has been in the wild since at least January 8, 2020.

The sophisticated campaign involved a trio of cryptocurrency apps developed for Windows, macOS, and Linux called Jamm, eTrade (or Kintum), and DaoPoker. Intezer describes the exploit as “extremely intrusive,” capable of keylogging, downloading and executing files, uploading files, and taking screenshots without a user’s knowledge.


In its report, Intezer shows how the software applications were promoted and distributed via cryptocurrency forums and Twitter. All told, based on the number of unique visitors to the pastebin used by the exploit, the firm believes that at least 6,500 users were impacted by the malware.

The fake software was created using app-building platform Electron and coded from scratch in the Go language, rather than using pre-built, off-the-shelf malware code. According to Intezer Labs, using Go likely made it easier for the creators to rapidly develop versions for multiple platforms, while ZDNet notes that the complexity of the language makes analyzing and detecting malware more difficult.

“Writing the malware from scratch has also allowed the campaign to fly under the radar for almost a year by evading all antivirus detections,” Intezer Labs writes.

If you have used any of the fraudulent apps mentioned above, Intezer has a breakdown of how to detect the processes and clear your system using its software. The firm also suggests moving crypto assets to a different wallet and changing all of your passwords.




These Fake Crypto Apps Will Steal Your Bitcoin

by Joe T. Stanley