Main navigation

Crypto Theft Alert: New Malware Hijacks Coins via Phony VPN Services

Advertisement
Mon, 3/04/2023 - 15:26
Crypto Theft Alert: New Malware Hijacks Coins via Phony VPN Services
Cover image via www.freepik.com
Read U.TODAY on
Google News

Cybersecurity specialists have uncovered OpcJacker, a new malware strain, that has been targeting cryptocurrency users since mid-2022.

This malicious software spreads via counterfeit VPN services and uses a unique configuration approach to make analyzing its code flow challenging for experts.

The malware's primary functions include recording user input, capturing screenshots, stealing sensitive browser data, loading extra modules and swapping cryptocurrency addresses in the clipboard to hijack transactions. Researchers have observed that malicious software is disseminated through various schemes, including those that disguise it as cryptocurrency-related applications or legitimate software.

Earlier this year, fraudulent ads aimed at Iranian users impersonated legitimate VPN services. Victims were deceived into downloading a malware-infected archive file by being redirected to a compromised website.

Advertisement

Related
The malware operates by modifying a legitimate library within an installed application, which subsequently loads another harmful library.

This library assembles and executes a shellcode responsible for loading and running the malware from data chunks stored in different file formats.

The loader, which has been active for over a year, underwent minor modifications before incorporating an entirely new payload consisting of data-stealing and hijacking capabilities.

Users are advised to be cautious when downloading VPN services or cryptocurrency-related applications from unfamiliar websites.

Related articles

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement
Advertisement

Recommended articles

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD