
Crypto Stealer Spotted!

A crypto stealer has been spotted being distributed through a large email spam campaign and Discord channels.

It seems to have spread through a massive spam campaign in several countries. The malware, named “Panda Stealer,” has been spotted by a cybersecurity company. It is also distributed on different channels on Discord.

Malware can steal data from Telegram and Discord Apps

The stealer is a variant of another malware named “Collector Stealer.” It utilizes similar algorithms to evade detection tools. The malware is contained in a malicious Excel file in .xlsm format.

When a victim executes the PowerShell scripts in the infected document, Panda Stealer deploys its malicious processes. It collects sensitive data related to crypto, including private keys and records of past transactions performed with virtual currency wallets.


The researchers from Trend Micro provided details about the malware’s similarities with others:

“Panda Stealer was found to be a variant of Collector Stealer, which has been sold on some underground forums and a Telegram channel. Collector Stealer has since been cracked by a Russian threat actor called NCP, also known as su1c1de. (…) Like Panda Stealer, Collector Stealer exfiltrates information like cookies, login data, and web data from a compromised computer, storing them in an SQLite3 database. It also covers its tracks by deleting its stolen files and activity logs after its execution.”

However, the stealer is not limited to capturing crypto asset-related data from victims. The study revealed that it is also capable of stealing credentials from Telegram, NordVPN, and Discord.

Furthermore, Panda Stealer can capture screenshots from users' computers and then acquire encrypted data stored in browsers.

Crypto Malware Stealers Spotted

In the past few months, crypto-malware has reportedly been surging. Even more recently, “WeSteal,” a crypto-related malware program, has been advertised on darknet forums as the “leading way to make money in 2021.” This has raised alarms in the cybersecurity community.

The malware has the resources to steal Bitcoin and Ethereum. However, the malicious code only works under a subscription model.
