According to CyberScript firm Casparesky, malicious actors are trying to steal crypto with malware embedded in fake Microsoft Office extensions uploaded on Source Hosting Site Source.
Clip Banker hides a malware that is a malicious list called the “office package”, but it hides a malaware called Clip Banker, which takes the copied crypto wallet address on a computer clipboard from the attacker’s address.
The team said, “Crypto wallet users usually copy the leaves instead of typing them. If the device is affected by the clip banker, the victim’s money will be eliminated somewhere unexpectedly.”
The fake project page on the Sourceforj imitates a legitimate developer tool page, showing office aid and download buttons and may also appear in search results.
Kaspersky said it received a crypto -stolen malware on the software hosting website Sourcefurge. Source: Caspersky
Another feature of malware infection China includes infected device information such as IP addresses, country and username hackers by telegram, Kaspersky said.
The malware infectious system can also scan for symbols that have been installed before or for anti -virus software and can delete themselves.
Invaders can sell access to the system to others
Caspersky says some files in the bogus download are small, which “raise red flags, because office requests are never so small, even when compressed.”
Other files are spoken with a junk to persuade users to look at a real software installer.
The firm said the attackers accessed the affected system “through numerous ways, including unconventional ways.”
“Although the attack primarily targets cryptocurrency by deploying a miner and clip banker, the attackers can sell access to the system to more dangerous actors.”
The interface is in the Russian language, which Caspersky speculation may mean that it targets Russian -speaking users.
The report states that “our telemetry shows that 90 percent of potential victims are in Russia, where 4,604 users faced the scheme at the beginning of January and end of March.”
Avoiding hunting, KAS, Kaspersky recommends downloading the software only from reliable sources as there are high risks to pirates programs and download options.
Related: Hackers are selling fake phones with crypto -stealing malware
The company said, “Distribution of pirate software is new to distribute malware.” “Since users find ways to download applications out of government sources, attackers offer themselves. They continue to look for new ways to legalize their website.”
Other firms are also raising alarms on new forms of malware targeting Crypto consumers.
Fabric, a threat, said in a March 28 report that it found a new malware family that could launch a fake overlaley to provide Android users to provide their crypto badge phrases as it occupies the device.
Magazine: Bitcoin is going to $ 70k soon? Crypto Baller Funds Space X Flight: Holder Digest, March 30 to April 5
