
Research: New Malware Employs Tor and Bittorrent To Steal Bitcoin and Ether



A new trojan called Krypto Cibule uses infected computers’ resources to mine cryptocurrency, steals crypto wallet files, and redirects incoming digital assets to an address controlled by the attacker. The malware relies on the Tor network and the BitTorrent protocol to carry out its attacks, according to an extensive report by cybersecurity company ESET.

“Krypto Cibule is spread through malicious torrents for ZIP files whose contents masquerade as installers for cracked or pirated software and games,” researchers Matthieu Faou and Alexandre Cote Cyr detailed in their report published September 2.

The malware is mostly active in the Czech Republic and Slovakia, where it has been responsible for hundreds of attacks. Most victims downloaded the malware from files hosted on uloz.to, a torrent site popular in the two countries.

The mining operations of the malware, which ESET researchers trace back to 2018, rely on XMRig, an open-source program that mines monero using the CPU, and kawpowminer, another open-source program that mines ethereum (ETH) using the GPU. Both programs are set up to connect to a hacker-controlled mining server through a Tor proxy.

Researchers attribute the little attention the trojan has received so far to how discreetly it operates. To avoid alerting the computer's owner, the malware suspends the GPU miner when the battery is under 30% and stops operations altogether when the battery is under 10%.

The clipboard-hijacking component masquerades as SystemArchitectureTranslation.exe. It monitors the clipboard for changes and replaces wallet addresses with addresses controlled by the malware operator in order to misdirect funds. The researchers noted:

At the time of this writing, the wallets used by the clipboard hijacking component had received a little over $1,800 in bitcoin (BTC) and ethereum.
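A defender-side check for the address substitution described above, as an added example that is not taken from ESET's report or from the malware. It scans a series of clipboard snapshots and flags the case where one wallet address is replaced by a different address of the same currency almost immediately; the address patterns, the two-second window and the sample snapshots are constructed assumptions.

```python
import re

# Shape checks only (no checksum validation) for the two currencies named above.
PATTERNS = {
    "btc": re.compile(r"^(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71})$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def classify(text):
    """Return 'btc', 'eth' or None for a clipboard string."""
    text = text.strip()
    for coin, pattern in PATTERNS.items():
        if pattern.match(text):
            return coin
    return None

def normalise(text, coin):
    """Ethereum hex addresses differ only by checksum casing; base58 is case-sensitive."""
    text = text.strip()
    return text.lower() if coin == "eth" else text

def find_swaps(snapshots, max_gap=2.0):
    """Flag an address replaced by a different address of the same currency
    within max_gap seconds (assumed to be faster than a user re-copying).

    snapshots: list of (timestamp_seconds, clipboard_text), oldest first.
    """
    alerts = []
    for (t0, before), (t1, after) in zip(snapshots, snapshots[1:]):
        coin = classify(before)
        if coin is None or classify(after) != coin:
            continue
        old, new = normalise(before, coin), normalise(after, coin)
        if old != new and (t1 - t0) <= max_gap:
            alerts.append({"time": t1, "coin": coin, "copied": old, "now": new})
    return alerts

# Constructed clipboard history; the addresses are placeholders, not real wallets.
SNAPSHOTS = [
    (0.0, "meeting notes"),
    (10.0, "1" + "A" * 33),      # user copies a BTC address
    (10.3, "1" + "B" * 33),      # replaced 0.3 s later: flagged
    (50.0, "0x" + "a" * 40),     # user copies an ETH address
    (50.2, "0x" + "A" * 40),     # same address, different casing: ignored
    (200.0, "0x" + "b" * 40),    # different address minutes later: ignored
]

if __name__ == "__main__":
    for alert in find_swaps(SNAPSHOTS):
        print(alert)
```

The same comparison works as a manual habit: check the pasted address against the one that was copied before confirming a transfer.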


Exfiltration works by walking through the filesystem of each available drive to look for filenames that contain certain terms. ESET researchers linked the trojan to terms mostly referring to cryptocurrencies, wallets, or miners, as well as more generic ones like crypto, seed, and password. Files that could provide data such as private keys are also targeted.

According to the research team, the use of legitimate open-source tools as well as a wide range of anti-detection methods is likely to have kept the malware under the radar thus far. Krypto Cibule is still being actively developed, with new features having been added over its two-year lifetime.

As news.Bitcoin.com reported recently, hackers have already been plundering bitcoin through the large-scale use of malicious relays on the Tor network. Tor is a privacy-oriented network popular with bitcoin investors throughout the world.
