Jump to content

Research: New Malware Employs Tor and Bittorrent To Steal Bitcoin and Ether - Piracy News and Crypto Updates - InviteHawk - Your Only Source for Free Torrent Invites

Buy, Sell, Trade or Find Free Torrent Invites for Private Torrent Trackers Such As redacted, blutopia, losslessclub, femdomcult, filelist, Chdbits, Uhdbits, empornium, iptorrents, hdbits, gazellegames, animebytes, privatehd, myspleen, torrentleech, morethantv, bibliotik, alpharatio, blady, passthepopcorn, brokenstones, pornbay, cgpeers, cinemageddon, broadcasthenet, learnbits, torrentseeds, beyondhd, cinemaz, u2.dmhy, Karagarga, PTerclub, Nyaa.si, Polishtracker etc.

Research: New Malware Employs Tor and Bittorrent To Steal Bitcoin and Ether


Folk846
 Share

Recommended Posts

 

A new trojan called Krypto Cibule uses infested computers’ power to mine cryptocurrency, steal crypto wallet files, and redirect incoming digital assets to a hacker address. The malware rides on the Tor network and the Bittorrent protocol to perform attacks, according to an extensive report by cybersecurity company, ESET.

“Krypto Cibule is spread through malicious torrents for ZIP files whose contents masquerade as installers for cracked or pirated software and games,” researchers Matthieu Faou and Alexandre Cote Cyr, detailed in their report published September 2.

The malware is mostly active in the Czech Republic and Slovakia where it has been responsible for hundreds of attacks. Most victims downloaded the malware from files hosted on a torrent site popular in the two countries called uloz.to.

The mining operations of the malware, which ESET researchers trace back to 2018, are written into XMRig, an open-source program that mines monero using the CPU, and kawpowminer, another open-source program that mines ethereum (ETH) using the GPU, with both programs set up to connect to a hacker-controlled mining server over the Tor proxy.

Researchers have attributed the little attention previously given to the trojan to the discretion of its operations. To keep the owner of the computer unsuspecting, the malware recalls the GPU miner when the battery is under 30% and stops operations altogether when the battery is under 10%.

The clipboard-hijacking operation masquerades as SystemArchitectureTranslation.exe. It monitors changes to the clipboard in order to replace wallet addresses with addresses of controlled by the malware operator in order to misdirect funds. The researchers noted:

At the time of this writing, the wallets used by the clipboard hijacking component had received a little over $1,800 in bitcoin (BTC) and ethereum.

 

 

Link to comment
Share on other sites

The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Read this before posting -
  • Only post if you have something valuable to contribute.
  • Avoid unnecessary posts such as 'Thank you', 'Welcome', etc. Such posts will be deleted and you will be warned if it happens again.
  • If the post helped you, reward the user by reacting to the post like this -                      1.jpg
Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Customer Reviews

  • Similar Topics

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.