
This New Malware Poses Threat to Crypto Wallets, Even Cold Ones

beincrypto.com, 28 September 2022 16:38 UTC

Cryptocurrency holders have been warned to be vigilant against a new malware spreading across the internet that is adept at stealing personal information.

Dubbed “Erbium,” after the element, the malware steals personal information and data retained in browsers such as passwords, cookies, credit card information, and more.

Reportedly, it has been able to access authentication codes from several two-factor authentication (2FA) and password managers, as well as Steam and Discord tokens and Telegram authentication files.

Its rapid spread is an indicator of its adaptability, which could see it infecting users in novel ways.

Browser extensions at risk of attack

Cryptocurrency wallets, for example, have also been targeted by the malware. If users access their digital wallets through a browser extension, Erbium has been shown to use this as a means of gaining entry.

Perhaps more disturbingly, Erbium has also been reported to gain access to cold cryptocurrency wallets, which are ostensibly impenetrable to hacking because of their physical separation from any network connection.

Cold wallets affected include popular brands such as Exodus, Atomic, and Bytecoin, as well as Ethereum accounts.

Malware-as-a-service: the latest brand of ransomware

One reason Erbium has been able to flourish is that it has been set up as malware-as-a-service (MaaS), in which the malware can effectively be rented out for use. While the service was originally available for $9 per week, its surging popularity has seen its price rise to $100 per month.

Users can also choose a yearly subscription for $1,000. In addition to the malware, a subscription also provides a full tool set, software updates, and customer support.

As ransomware attacks have increased over the past few years, a similar service has emerged. With ransomware-as-a-service (RaaS), affiliates are provided with the debilitating software in return for a percentage of the ransom.

Utilizing this model, ransomware group Conti proved to be one of the most successful last year, extorting over $180 million in crypto from victims.

Update your antivirus – now

Cybersecurity firm Cyfirma was among the first to detect the malware, hidden within cracks for popular computer and video games. Subsequently, Erbium has been able to spread rapidly through download sites for cracked software.

So far, Erbium has reportedly appeared in the United States, Colombia, Portugal, Spain, France, Italy, Romania, Turkey, Lebanon, India, Vietnam, and Malaysia.

Consequently, the best and most effective way to prevent being infected by the malware is to avoid downloading cracked software from these websites.

Another suggestion is to have the highest quality software installed and to schedule regular antivirus and malware screenings.
