- Crypto malware, PennyWise, identified with unique method of spreading
- The malware targets YouTube channels and steals data from Chromium and Mozilla
- Malware unavailable in select countries
Cyber Intelligence company, Cyble, has identified a new strain of crypto-malware making rounds on video-sharing platform, YouTube. The cyber company caught the Pennywise malware in their radar in May and has been tracking YouTube since then.
According to reports, the malware is designed to attack 30 crypto wallets and browser extensions including Electrum, and Atomic Wallet.
Crypto malware duping users into downloading software
The criminals behind the attack use mining education videos on YouTube to spread the malware, disguised as free Bitcoin mining software.
Instructions to users include downloading the link from the description box and disabling their antivirus software to give the malware better access.
The software steals data from Chromium and Mozilla browsers by searching for wallet files and sending the data to the developers. It can also take screenshots of Discord and Telegram chats.
Unique software design locks out select countries
The malicious software is uniquely designed to lock out users from countries, including Russia, Ukraine, and Kazakhstan. According to Cyble, the attackers are supposedly avoiding the strict regulatory measures in the said country.
The cybersecurity firm further revealed its YouTube channel had more than 80 videos tagged with the malicious link. The attackers are targeting both big and small channels, with promises of free NFTs, game cheats, and other perks.
Further research shows many of the channels are less than a day old and the hackers are allegedly putting up the stolen accounts for sale on the dark web.
Crypto cyber crimes on the rise amid bear market
The crypto markets have been on a steady bear trend for the last few months and criminals seem to be taking advantage of the plummeting declines. Crypto crimes have also been on a steady increase as criminals take advantage of weak systems in the bear run.
With analysts forecasting longer periods of the bear market, it is unclear what else crypto criminals will unveil in the coming months.
[…] unlike passwords, a bad actor can find the endpoint susceptibility to access the information. Some use malware, a system’s downside, phishing emails or messages, and […]