While bitcoin (BTC) prices are increasing, crypto-related scams appear on the scene to take advantage of the situation. In this case, a security firm spotted three malicious crypto apps targeting users to steal their funds.
Three Bogus Crypto Trading and Poker Apps Are Infected With Dangerous Malware
According to Intezer Labs, a year-long malware operation has been underway since January 2020, spreading faster with the help of a sophisticated marketing campaign.
Per the research, the threat actors rely on three cryptocurrency-related apps to spread a Remote Access Tool (RAT) malware named ElectroRAT: Jamm and eTrade/Kintum (both fake crypto trading platforms), and DaoPoker (fake crypto poker app).
Intezer Labs also found that these cybercriminals are developing versions of their software for Windows, Mac and Linux to increase confidence in their products, and to target a wider range of victims across the globe.
The investigators say there are “thousands of victims” affected by ElectroRAT’s campaign, which includes domain registrations, websites, trojanized applications, and fake social media accounts.
Some of these bogus apps were spotted in crypto-themed forums such as bitcointalk and Steemcoinpan, as fake profiles are used to promote the apps, asking people to download an application that is already infected by the malware.
if (!window.GrowJs) { (function () { var s = document.createElement('script'); s.async = true; s.type = 'text/javascript'; s.src = 'https://bitcoinads.growadvertising.com/adserve/app'; var n = document.getElementsByTagName("script")[0]; n.parentNode.insertBefore(s, n); }()); } var GrowJs = GrowJs || {}; GrowJs.ads = GrowJs.ads || []; GrowJs.ads.push({ node: document.currentScript.parentElement, handler: function (node) { var banner = GrowJs.createBanner(node, 31, [300, 250], null, []); GrowJs.showBanner(banner.index); } });
An ‘Uncommon’ Malware on the Radar
After getting infected
