New malware stalks Windows 10 users and their Bitcoin wallets, while hackers strike again in DeFi.
The number of malware programs that seek to steal Bitcoin (BTC) and other cryptocurrencies grows every day. Recently, independent cybersecurity researcher Oliver Hough revealed on his Twitter account a new malware strain focused on stealing email passwords and private keys from cryptocurrency wallets.
As explained by the researcher, this malware affects users of the Windows 10 operating system, especially gamers, content creators and developers, who seem to be more exposed to becoming victims because of the way in which the malware can be downloaded.
Hough explains that the malicious program can be inadvertently downloaded if users visit a fake site to download the DirectX 12 components for Windows 10, which are widely used today by online players and developers. The malware creators designed an identical but fake web portal to trick unsuspecting users into downloading DirectX 12 from an unofficial page that is infected with the malware.
Once users download the set of components from the fake site, they also download the malware, which can steal their private keys and, therefore, their stored funds.
Impersonating Microsoft
Malware attacks have become a trend among hackers targeting the crypto industry, who want to steal the private keys, credentials and other confidential data stored in cryptocurrency wallets.
However, as this malicious software evolves, cybersecurity researchers are also devoting great effort to warning and educating users so that they do not fall victim to these attacks. As a result, hackers have found it necessary to refine their techniques and develop malware so sophisticated that it is almost impossible for the most inexperienced users to detect.
Hough warns that the new DirectX 12 malware campaign aimed at Windows 10 impersonates Microsoft, the company that developed the operating system, so many users may not realize the deception. The hackers provide, among other things, a security certificate, privacy policies, and a contact form that help them gain the trust of web visitors, who may end up downloading the multimedia component package and the associated malware.

Source: Bleeping Computer
The moment the web portal displays the DirectX 12 download option, users are redirected to an external page that asks them to download a file for the 32-bit or 64-bit version. Both versions lead to malware whose purpose is to steal files, passwords and cryptocurrency wallets.
Cryptocurrency wallets affected
Bleeping Computer researchers, building on Hough's discovery, note that the malware can steal a wide variety of cryptocurrency wallets for Windows, such as: Ledger Live, Waves.Exchange, Coinomi, Electrum, Electron Cash, BTCP Electrum, Jaxx, Exodus, MultiBit HD, Atomic and Monero.
The malware collects the data and stores it in compressed files, which it then sends to the hackers. Once they have the information and private data in hand, they can access the cryptocurrencies stored in these wallets.

Source: Bleeping Computer
Bleeping Computer indicates that the malware attempts to collect “cookies, files, system information, installed programs, and even a screenshot of the victim's current desktop,” as shown in the image above.
Hackers stalk DeFi
In addition to malware attacks on Bitcoin and other cryptocurrency wallets, hacks and exploits of DeFi protocols are also becoming a trend. Recently, the analysis firm Messari reported that hacker attacks on decentralized protocols have left more than $284 million in losses since 2019, without accounting for the millions that DeFi protocols have lost on other blockchains such as BSC.
DeFi protocols on BSC that have fallen victim to attacks, hacks, exploits and exit scams have accumulated more than 120 million dollars in losses this year, and the recent exploit suffered by Spartan Protocol adds it to the affected projects on this blockchain.
Spartan Protocol just lost 30 million from its vaults as a result of a vulnerability in one of its contracts, which allowed the hacker to manipulate and inflate the asset balance of the liquidity pool before burning tokens and then claim “an unnecessarily large amount of underlying assets.”
This latest attack is one of the largest suffered in decentralized finance ecosystems so far.
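The accounting flaw described above can be shown with a simplified model. This is an added example, not Spartan Protocol's contract code: it assumes the burn payout is computed from the pool's live token balance and contrasts that with a payout computed from the recorded reserve. The `Pool` class, its method names and all figures are constructed for the illustration.

```python
from dataclasses import dataclass


@dataclass
class Pool:
    """Toy one-asset liquidity pool; every value here is constructed."""
    reserve: int    # amount recorded by the pool's own bookkeeping
    balance: int    # tokens actually held at the pool's address
    lp_supply: int  # liquidity (LP) tokens outstanding

    def donate(self, amount: int) -> None:
        # A direct token transfer raises the balance but not the reserve.
        if amount < 0:
            raise ValueError("amount must be non-negative")
        self.balance += amount

    def unaccounted(self) -> int:
        # Monitoring signal: tokens held that the bookkeeping never recorded.
        return self.balance - self.reserve

    def _burn(self, lp_units: int, base: int) -> int:
        if not 0 < lp_units <= self.lp_supply:
            raise ValueError("invalid LP amount")
        payout = base * lp_units // self.lp_supply
        self.lp_supply -= lp_units
        self.balance -= payout
        self.reserve = max(self.reserve - payout, 0)
        return payout

    def burn_vulnerable(self, lp_units: int) -> int:
        # Weak form: the share is taken from the live, inflatable balance.
        return self._burn(lp_units, self.balance)

    def burn_hardened(self, lp_units: int) -> int:
        # Hardened form: the share is taken from the recorded reserve only.
        return self._burn(lp_units, self.reserve)


def compare(donation: int, lp_units: int) -> dict:
    """Payout for the same burn under each rule, on identical fresh pools."""
    out = {}
    for rule in ("burn_vulnerable", "burn_hardened"):
        pool = Pool(reserve=1_000_000, balance=1_000_000, lp_supply=10_000)
        pool.donate(donation)
        out[rule] = getattr(pool, rule)(lp_units)
    return out


if __name__ == "__main__":
    print(compare(donation=500_000, lp_units=1_000))
```

A nonzero `unaccounted()` immediately before a burn is the condition a pool's monitoring should alert on, since it means the live balance and the recorded reserve have diverged.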


