A cryptocurrency-related malware program was advertised on darknet forums as “the leading way to make money in 2021”, causing alarm in the cybersecurity community. Palo Alto Networks released a report on the malicious app Westeal, detailing its author’s connections to other types of malware that steal vital accounts for streaming services.
Westeal claims to be immune to critical antivirus software
According to the cybersecurity company, “Westeal” is a further development of “Wesupply Crypto Stealer”, another malicious crypto software that has been on sale since May 2020. The findings suggest that this further development of Wesupply has been advertised since mid-February 2021.
In addition, people who purchase the malicious app are given access to a web panel to handle all operations, including a “victim tracker panel”.
One detail that raises concerns from Palo Alto Networks is the fact that Westeal is reportedly immune to critical antivirus software.
The malware works on a subscription model, and Complexcodes, the only author of the app, charges €20 per month, €50 (US$60) for three months and €125 (US$150) per year.
The malware is a “shameless” crypto theft, researchers say
The cybersecurity firm offers more details about the malware:
To “steal” cryptocurrency from a victim, Westeal uses regular expressions to search for strings that match the patterns of Bitcoin and Ethereum wallet identifiers that are copied to the clipboard. If it matches these, it will replace the copied wallet ID on the clipboard with one provided by the malware. The victim then inserts the ID of the replaced wallet for a transaction and the money is sent to the replacement wallet instead.
Still, Palo Alto Networks qualifies Westeal as “shameless” malware:
Westeal is a shameless commodity malware with a single illegal function. Its simplicity goes hand in hand with what is likely to be simple effectiveness in stealing cryptocurrency. The low-sophistication actors who buy and deploy this malware are thieves, nothing less than pickpockets on the street. Their crimes are as real as their victims. The quick and easy monetization chain and anonymity of the theft of cryptocurrencies, as well as the low cost and ease of use, will undoubtedly make this type of crimeware attractive and popular for less skilled thieves.
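A defender-side check for the clipboard substitution described in the report excerpt above, added here as an example and not taken from the Palo Alto Networks report. The address patterns, the two-second threshold, the function names and the sample clipboard history are assumptions made for illustration.

```python
import re

# Common address shapes (assumed; the report does not list the malware's own expressions).
ADDRESS_PATTERNS = {
    "bitcoin": re.compile(r"^(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[ac-hj-np-z02-9]{11,71})$"),
    "ethereum": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def address_kind(text):
    """Return 'bitcoin', 'ethereum' or None for a clipboard string."""
    value = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(value):
            return kind
    return None

def find_swaps(snapshots, max_gap=2.0):
    """Flag address-to-address clipboard changes within max_gap seconds.

    snapshots: list of (timestamp_seconds, clipboard_text) in time order.
    A person rarely copies two different wallet addresses of the same kind
    within a second or two; an automatic replacement does exactly that.
    """
    alerts = []
    for (t0, before), (t1, after) in zip(snapshots, snapshots[1:]):
        kind = address_kind(before)
        if (kind and kind == address_kind(after)
                and before.strip() != after.strip() and t1 - t0 <= max_gap):
            alerts.append({"time": t1, "kind": kind,
                           "copied": before.strip(), "replaced_by": after.strip()})
    return alerts

def paste_matches_copy(copied, pasted):
    """Final check before sending: the pasted address must equal the copied one."""
    return address_kind(copied) is not None and copied.strip() == pasted.strip()

# Constructed sample data: placeholder strings with address shape, not real wallets.
INTENDED_ETH = "0x" + "a1" * 20
OTHER_ETH = "0x" + "b2" * 20
INTENDED_BTC = "1" + "A" * 30  # legacy shape only, checksum is not valid
SAMPLE = [
    (0.0, "meeting notes"),
    (5.0, INTENDED_ETH),
    (5.3, OTHER_ETH),      # changed 0.3 s after the copy: suspicious
    (60.0, INTENDED_BTC),  # different kind, much later: normal use
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print("possible clipboard substitution:", alert)
```

The same comparison works as a manual habit: read back the first and last characters of the pasted address against the source before confirming a transaction.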