Altcoin News: A New Virus Replaces the Addresses of Cryptocurrency Wallets
September 30, 2019, by Marko Vidrih on ALTCOIN MAGAZINE
Juniper Networks has discovered a new Masad Stealer virus, which spoofs the addresses of cryptocurrency wallets in users’ browsers, as a result of which they send funds to attackers.
In addition, Masad Stealer steals various personal information and system data. The virus sends to the hacker credit card information stored in the browser, files from the desktop, Discord service data, and so on. At the same time, the Telegram messenger is used to sending data.
The virus has a built-in algorithm for recognizing the addresses of the cryptocurrency wallets Monero, Litecoin, Zcash, Dash and Ethereum in the clipboard. After finding the address of the cryptocurrency wallet, Masad Stealer replaces it with the address of the attacker.
“Based on our telemetry, Masad Stealer’s main distribution vectors are masquerading as a legitimate tool or bundling themselves into third party tools,” wrote the research organization. “Threat actors achieve end user downloads by advertising in forums, on third party download sites or on file sharing sites.”
Recall that at the end of August, the McAfee antivirus company reported that in the 1st quarter of 2019, the number of installations of malware for cryptocurrency mining increased by 29% compared to the previous quarter.
Author: Marko Vidrih
