New attack threatens cryptocurrency wallet holders
By Bob Garcia
“ElectroRAT” is reportedly making its rounds and stealing crypto holdings
Cryptocurrency enthusiasts have a new reason to be extra cautious with their wallets, especially as the top coins are seeing some of the best price increases ever. With Bitcoin hitting a new record, many wallets are fatter than ever, proving to be too enticing for some thieves. A cybersecurity firm has uncovered a new threat making its rounds that is hitting all types of operating systems.
The new remote access tool (RAT) has been dubbed ElectroRAT by cybersecurity firm Intezer. It is written on Golang and compiled in a way that allows it to target Windows, Linux or MacOS machines, and is one of the few trojans to have been developed completely from scratch. ElectroRAT confuses netizens and leads them to download apps that contain trojans, and Intezer believes that “thousands of victims” may have already been compromised.
Intezer explains, “The attacker has created three different trojanized applications, each with a Windows, Linux and Mac version. The binaries are hosted on websites built specifically for this campaign. These applications are directly related to cryptocurrency. ‘Jamm’ and ‘eTrade‘ are cryptocurrency trade management applications and ‘DaoPoker‘ is a cryptocurrency poker app.”
The apps have been promoted on various websites, including Bitcointalk and SteemCoinPan and are even backed by Twitter and Telegram profiles that are, of course, fake. Without realizing it, users download the trojan through an app they believe to be legitimate, and the rest is history. It isn’t clear how much money, if any, may have already been stolen through ElectroRAT.