Beware of Crypto Scam Malware Attacks through Fake Software and YouTube Videos

A major malware attack has targeted over 28,000 people in countries like Russia, Turkey, and Ukraine, stealing cryptocurrency. This cyberattack spreads through fake software downloads and misleading YouTube videos, making it a growing concern.

Cybersecurity firm Dr. Web discovered that the malware is disguised as real software, often hosted on fake GitHub repositories. People unknowingly download these infected files, which are usually hidden inside password-protected archives.

Cybercriminals use different methods to deceive users, such as offering pirated office software like local Microsoft Excel, game cheats, and automated trading bots. Russia experienced the most infections, but other countries like Belarus, Uzbekistan, Kazakhstan, Kyrgyzstan, and Turkey have also been hit.

How The Malware Works

The malware infection starts when someone opens a self-extracting archive, which bypasses antivirus scans due to its password protection. Once the file is opened, various scripts are unpacked, allowing the malware to activate.

This malware is smart enough to detect if it’s running in a testing environment or if security tools are present, shutting down to avoid detection. Once it’s active, the malware modifies the Windows Registry, making sure it can start again whenever the system is used. It also hijacks legitimate system services like browser updates to maintain its presence.

The malware also disables the Windows Recovery Service and restricts access to its files, making it very hard to remove. After that, it connects to the attackers’ servers using a network tool called Ncat.

Financial Damage

This malware has two primary functions once it infects a computer. The first is mining cryptocurrency using the victim’s resources, which slows down the system and increases electricity usage. The second function involves replacing copied cryptocurrency wallet addresses with the attacker’s address, allowing them to steal funds during transactions. Dr. Web reported that around $6,000 in cryptocurrency transactions have already been stolen through this method, though the full extent of the damage is still unknown.
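The address-replacement behaviour described above can be caught by comparing the address that was copied with the one that actually arrived in the paste field before a transaction is sent. The following is an added example, not code from the article or from Dr. Web; the function names, the coarse address patterns, and the sample addresses are assumptions constructed for illustration.

```python
import re

# Coarse shape checks only (no checksum validation): enough to tell
# "this looks like a wallet address" from ordinary clipboard text.
ADDRESS_PATTERNS = {
    "bitcoin-base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "bitcoin-bech32": re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
}

def address_kind(text):
    """Return the address family the text resembles, or None."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(candidate):
            return kind
    return None

def check_paste(copied, pasted):
    """Classify a copy/paste pair as 'ok', 'substituted' or 'mismatch'."""
    src, dst = address_kind(copied), address_kind(pasted)
    a, b = copied.strip(), pasted.strip()
    if src == dst == "ethereum":
        # Hex casing only carries an optional checksum, so compare lowercased.
        a, b = a.lower(), b.lower()
    if a == b:
        return "ok"
    # An address was copied and a different address was pasted: this is the
    # pattern a clipboard-replacing malware produces. Block the transaction.
    if src and dst:
        return "substituted"
    # Something changed, but not address-for-address (e.g. a stale clipboard).
    return "mismatch"

# Constructed sample values; none of these are real wallet addresses.
ETH_INTENDED = "0x" + "ab" * 20
ETH_OTHER = "0x" + "cd" * 20
BTC_INTENDED = "1" + "B" * 30

if __name__ == "__main__":
    for copied, pasted in [
        (ETH_INTENDED, ETH_INTENDED),
        (ETH_INTENDED, ETH_OTHER),
        (BTC_INTENDED, ETH_OTHER),
        (ETH_INTENDED, "meeting notes"),
    ]:
        print(check_paste(copied, pasted), "|", copied[:12], "->", pasted[:12])
```

A "substituted" result on a machine where the user did not copy a second address is a strong reason to stop and scan the system before sending any funds.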

Beware of The Attacks

To protect yourself from such attacks, it’s essential to download software only from trusted official websites. Avoid clicking on random links in YouTube videos or promoted search results. Just because something appears on a popular platform doesn’t mean it’s safe.

Please stay cautious while using the internet!

About Author

Jose Abalos

Jose Abalos is a crypto and gaming enthusiast. He is optimistic that the decentralization ecosystem will be the future. After graduating in Psychology from Asia Pacific College, Jose won’t stop learning something new! He enjoys discussing the ethics of AI, NFT, politics, and betting.
