“PennyWise” Crypto-Stealing Malware Spreads on YouTube

A new strain of crypto malware “PennyWise” is spreading through YouTube, tricking users into downloading software designed to steal data from over 30 wallets and crypto browser extensions.

Cyble, a cyber-intelligence company, said in a blog post on June 30 that it was tracking malware known as “PennyWise,” likely named after the monster in Stephen King’s horror novel “It,” which was first found in May.

“Our investigation has found this to be an emerging threat,” Cyble wrote in a blog post on June 30.

“This malware targets more than 30 browsers and crypto-currency applications such as crypto wallets, browser extensions, etc.”

Data stolen from the victim’s system includes digital currency extension data and login information. The malware can also take screenshots and steal sessions from chat applications like Discord and Telegram.

The malware also targets crypto wallets such as Armory, Bytecoin, Jaxx, Exodus, Electrum, Atomic Wallet, Guarda, and Coinomi, as well as wallets that support Zcash and Ethereum, by searching the directory for the wallet file and sending a copy of it to the attacker.

Cybersecurity firms say the malware is spreading through YouTube mining tutorial videos that claim to offer free Bitcoin mining software.

Cybercriminals upload a video that directs viewers to a link in the description to download the free software. At the same time, the video encourages them to disable their antivirus software, which allows the malware to run successfully.

Cyble said the attackers had up to 80 videos on their YouTube channel as of June 30. However, the specified channel has been removed.

However, the malware continues to surface on other, smaller YouTube channels, with videos posing as free NFT mining, cracks for licensed software, free Spotify Premium, game cheats, and mods.

Interestingly, the malware is designed to stop itself immediately if it finds its victims in Russia, Ukraine, Belarus and Kazakhstan. Cyble also found that the malware converts the time zone of the victim’s stolen data to Russian Standard Time (RST) when the information is sent back to the attacker.
