While Bitcoin (BTC) prices are rising, crypto-related scams are emerging to take advantage of the situation. In this case, a security company discovered three malicious crypto apps that target users in order to steal their money.
Three bogus crypto trading and poker apps are infected with dangerous malware
According to Intezer Labs, a year-long malware operation has been running since January 2020 and is spreading faster with the help of a sophisticated marketing campaign.
According to the study, the threat actors rely on three cryptocurrency-related apps to distribute a RAT (remote access tool) called ElectroRAT: Jamm and eTrade / Kintum (both fake crypto trading platforms) and DaoPoker (a fake crypto poker app).
Intezer Labs also found that these cyber criminals are developing versions of their software for Windows, Mac, and Linux to build trust in their products and appeal to greater numbers of victims around the world.
Investigators say “thousands of victims” have been affected by ElectroRAT’s campaign, which includes domain registrations, websites, Trojanized applications and fake social media accounts.
Some of these fake apps have been spotted on crypto-themed forums like Bitcointalk and Steemcoinpan, where fake profiles are used to promote the apps and prompt users to download an application that is already infected with the malware.
An “unusual” malware on the radar
After infection, the program empties victims’ crypto wallets. Intezer Labs provides more details on the malicious apps that contain ElectroRAT:
ElectroRAT is extremely pushy. It has various functions such as keylogging, taking screenshots, uploading files from the hard drive, downloading files and executing commands on the victim’s console. The malware has similar functionality for its Windows, Linux, and macOS variants.
The research firm points out that it is “very unusual” for this type of malware to steal confidential information from users of cryptocurrencies. Intezer Labs adds:
It is even rarer to see such a far-reaching and targeted campaign that includes various components such as fake apps and websites as well as marketing and advertising measures via relevant forums and social media.