An Intruder in Disguise: Trojan Horse Virus | imToken Wallet Security Monthly Report- July

imToken
imToken
Published in
4 min readJul 30, 2023
July Month Wallet Security Report

On June 20th, 23pds, the Chief Information Security Officer of SlowMist, warned against a Trojan horse malware named “Mystic Stealer.” According to the thread, this software has attacked 40 different browsers and 70 browser extensions and even poses a threat to cryptocurrency wallets.

Source: Twitter

What is a Trojan horse virus, and how can we defend against it? Let’s delve into these questions in this issue of the Wallet Security Monthly Report.

What is a Trojan horse virus, and how can we defend against it?

The term “Trojan horse virus” originates from the ancient Greek myth of the Trojan Horse. According to legend, during the Trojan War, the Greek army pretended to retreat and left behind a wooden horse. The Trojans pulled the horse into their city as a victory trophy. When the Trojans celebrated their victory, Greek soldiers hidden inside the wooden horse crept out and opened the gates for the rest of the Greek army which had sailed back, ultimately leading to the fall of Troy.

From the story, we can see the nature of a Trojan horse virus: it seems harmless or even beneficial on the surface but harbors dangerous and malicious intents.

Similarly, a Trojan horse virus operates in a crafty way. Here is how it steals coins:

  1. Infecting: The first step is to infect the user’s computer, which is often achieved by tricking the user into clicking on malicious links or downloading malicious files.
  2. Information gathering: Once the user’s computer is infected, the virus begins collecting sensitive information such as browser history, passwords, cookies, etc.
  3. Stealing digital assets: The virus then searches the user’s computer for cryptocurrency wallets in an attempt to crack passwords using the acquired information and then transfers assets to the attacker’s address.
  4. Erasing traces: The virus clears all its traces from the computer to avoid detection.

In order to maximize the security of your assets, the imToken security team suggests users do the following in their daily life:

  • Keep your private keys and seed phrases safe: Make sure to store them in a secure place and do not share them with anyone.
  • Keep your imToken wallet updated: Make sure that your wallet is always on the latest version so that you are protected by up-to-date security controls and feature improvements.
  • Be cautious with emails and links: Never click on emails or links from unknown sources, as they may be part of a phishing attack.
  • Use trusted network connections: Public Wi-Fi can be exploited by hackers. Try to avoid using your imToken wallet when connected to such networks.

What Are the Other Scams You Need to Know?

In addition to the Trojan horse virus, there are other common scams that you may want to be aware of:

1. The scam that involves wallet permission manipulation

In this kind of scam, users are tricked into making deposits on a phony shopping website. The signature intended to confirm deposits will then be used to manipulate the user’s TRX wallet permissions. Users will lose control over their wallets after signing off the transaction. imToken has implemented new measures to protect user asset security in its latest release. For more details about this kind of scam, please read our article: Security Alert | Beware of Wallet Permission Manipulation.

2. The scam that involves TRON wallet authorization record falsification

In this kind of scam, fake USDT tokens and authorization records are created as lures. As issuers of the tokens, attackers have the ability to generate fake authorization records on any address. Furthermore, they stipulate in the token contract that only token holders could revoke or modify this authorization. For more details, please check out Security Alert | Beware of Unknown Authorization Records in TRON (TRX) Wallets.

Closing Thoughts

With scams continually evolving, it is indeed challenging for average users to fully prevent them. imToken is committed to rapidly detecting issues and finding solutions, providing timely messages to the community, and educating users about various types of scams to protect them from losses.

We encourage you to read and share imToken Wallet Security Monthly Report and join hands with imToken to safeguard your asset security.

About imToken

imToken is a decentralized digital wallet used to manage and safeguard a wide range of blockchain- and token-based assets, identities, and data. Since its founding in 2016, it has helped its users transact and exchange billions of dollars in value across more than 150 countries around the world.

⬇️Download imToken: Google Play | Apple App Store

💠Follow us: Twitter | Support | Website

--

--

imToken
imToken

Wallet for Ethereum ETH, Bitcoin BTC, Arbitrum, Optimism, zkSync, Aztec, Polkadot DOT, Kusama KSM, LTC, EOS, Tron TRX, Cosmos ATOM, BCH, Nervos and more