Computer analysts at cybersecurity firm Zscaler ThreatLabZ have found a new type of trojan that targets cryptocurrency users.
In a blog post published on Aug. 8, the company reveals that it identified a new remote-access trojan (RAT) that is able to capture administrative control of the targeted computer, retrieve browser history and look for activities involving cryptocurrency, credit cards, business, social media and others.
The malware is called Saefko and is written in .NET, a software framework developed by Microsoft and used to develop a wide range of applications. The post further explains:
“RATs are usually downloaded as a result of a user opening an email attachment or downloading an application or a game that has been infected. Because a RAT enables administrative control, the intruder can do just about anything on the targeted computer, such as monitoring user behavior by logging keystrokes, accessing confidential information, activating the system's webcam, taking screenshots, formatting drives, and more.”
Zscaler recommends that individuals do not download or open files from untrusted sources and states that network administrators should block unused ports, turn off unused services and monitor outgoing traffic.
Crypto malware walk the earth
Earlier this week, news broke that the Chinese state espionage cyber unit APT41 is targeting cryptocurrency- and video game-related businesses. Researchers from cybersecurity company FireEye claim that “the group is also deployed to gather intelligence ahead of imminent events, such as mergers and acquisitions and political events.”
In June, cybersecurity firm ESET detected what it describes as an unusual and persistent cryptocurrency miner distributed for macOS and Windows since August 2018. The malware, dubbed “LoudMiner,” uses virtualization software — VirtualBox on Windows and QEMU on macOS — to mine crypto on a Tiny Core Linux virtual machine, thus having the potential to infect computers across multiple operating systems.
A report by cryptocurrency intelligence firm CipherTrace published in April estimated losses from digital currency theft and scams in the first quarter of 2019 at $356 million, with additional fraud or misappropriated fund losses amounting to $851 million in the same period. Alarmingly, this Q1 total of $1.2 billion constituted 70% of the total losses to crypto crime in all of 2018, indicating intensified hacking activity in the first months of 2019.