Cybersecurity researchers made a concerning and alarming revelation a few days ago: they have identified a piece of malware that has been used in malicious operations for over a year.
According to the researchers, the operation has been targeting cryptocurrency users for over a year. It has done so by developing and launching fake applications that are used to steal cryptocurrencies.
The cybersecurity firm that carried out the research on this malware is Intezer Labs. Intezer Labs’ researchers noted that the cryptocurrency industry has gained a massive amount of acceptance in the past couple of years.
As a result, many hackers, scammers, and fraudsters have shifted to carrying out their scams through cryptocurrency platforms. In the past year, fraudulent activity on cryptocurrency platforms has increased significantly.
To make money, malicious actors and scammers have become very active on cryptocurrency platforms. Some of the hackers have even managed to deploy malware of this kind. This malware, however, was deployed with such sophistication and expertise that no one was able to detect it until now.
The cybersecurity firm confirmed that it identified the malware back in December 2020. The firm has revealed that the new malware is a remote access Trojan (RAT), which has been dubbed “ElectroRAT”. According to the security firm, the ElectroRAT malware is responsible for stealing the cryptocurrencies of millions of Linux, Windows, and macOS users.
The cybersecurity firm has confirmed that, to carry out the hacks, the malware was deployed using three different applications. The applications named by the security firm are DaoPoker, Jamm, and eTrade/Kintum, all of which were hosted on the hackers’ own websites.
The security firm revealed that eTrade/Kintum and Jamm were bogus applications for cryptocurrency trading, while DaoPoker was presented as an application for gambling rather than cryptocurrency trading.
The firm shared some very alarming details about the ElectroRAT malware. It stated that the malware hidden inside the applications was extremely intrusive. The team at Intezer Labs revealed that the malware is capable of taking screenshots, downloading files, keylogging, and uploading files from disks. One of the most alarming revelations made by Intezer is that the malware is capable of executing commands on the consoles of the victims.
The researchers at the cybersecurity firm have revealed that when the malware is launched on the victim’s console, the application interface acts as a cover. While the victims are busy dealing with the app’s interface, the malware starts executing its process in the background.