Warning … these malicious applications steal cryptocurrencies
A new report from digital security firm Intezer Labs describes the discovery of a large-scale fraudulent operation targeting cryptocurrency users through malicious apps. The operation is estimated to have started in January 2020.
This intensive fraudulent operation consisted of a comprehensive marketing campaign, custom cryptocurrency apps, and a new remote access tool, all meant to trick users into installing a new strain of malware on their phones, with the clear aim of stealing money from victims.
But what malicious apps were used in this process and how did they trick users?
The operation was discovered in December 2020, but researchers believe the cybercriminals started spreading their malware very early in the same year, specifically from January 8, 2020.
The Intezer Labs researchers said: “Cybercriminals relied on three cryptocurrency-related applications in their plot.” These fake apps have the following names:
Yes, eTrade or Kintum, and DaoPoker.
These applications were hosted on dedicated websites. The first two apps claimed to provide a simple platform for trading cryptocurrency, while the third was a poker app that used cryptocurrencies for payment.
All three apps came in versions for the Windows, Mac, and Linux operating systems and were developed with an open-source app-building framework called Electron. The researchers added that the apps included a new strain of malware hidden inside, which the company's researchers named ElectroRAT.
In a report, the researchers said: “ElectroRAT software is extremely intrusive and has various capabilities, such as: keyboard recording, saving screenshots, downloading files from disk, downloading files and execution of commands without the victim’s knowledge.”
Researchers believe the malware was used to collect keys to cryptocurrency wallets and then empty victims’ accounts.
In addition, the researchers said, “Hackers posted ads for all three apps and their websites on cryptocurrency forums, or used social media accounts.”
Researchers estimate that this operation affected around 6,500 users, and they advised cryptocurrency users who have lost money in the past year but have not identified the source of the hack to check whether they downloaded and installed any of the three apps mentioned earlier.
If you have used any of these scam apps, you should immediately transfer your cryptocurrency accounts to another, secure device and then change the passwords. The best thing to do is to completely reformat the device so that you get rid of these malicious applications for good.
The company also reported that ElectroRAT was written in the open-source language Go, a programming language that has become very popular among malware developers over the past year because detecting malware written in this language is still somewhat difficult.
Analyzing malware developed in this language is generally more complex than analyzing malware written in C, C++, or C#. Go also makes it easier than other programming languages for developers to deploy programs on different platforms, allowing cybercriminals to create malware aimed at multiple platforms more easily than ever.