Hackers deploy malware to attack crypto accounts

In this post:

  • Hackers deploy malware to attack crypto accounts
  • Cisco Talos describes the malware attack
  • Chainalysis warns users about the malware

Software company Malwarebytes has cautioned crypto traders about two new pieces of malware deployed by bad actors. According to the website, the malware targets crypto traders who carry out their activities on desktops. The company noted that the malware has been operational since last year, stealing from unsuspecting traders. Additionally, the firm mentioned that its intelligence team discovered the two malware strains, which are still in circulation.

Cisco Talos describes the attack

According to the Cisco Talos team, the malware is being deployed by bad actors to siphon crypto from users’ wallets without their knowledge. Research shows that most targeted users live in the United States, with others living across Turkey, the United Kingdom, and the Philippines. The malware targets information users might have copied and stored in their clipboards. Such information consists of words and numbers.

Once the malware detects a wallet address saved in the clipboard, it replaces it with the hacker’s wallet address. The malware relies on users not checking the address in their clipboard after they copy it, so they end up sending digital assets to the wrong wallet. Although the hackers do not have a specific target in mind, the malware infects computers belonging to both individuals and organizations.
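The clipboard swap described above leaves a recognizable trace: one wallet address replaced by a different address of the same family within a fraction of a second. The following detection heuristic is an added example, not code from Malwarebytes or Cisco Talos; the address patterns are format approximations, and the log layout, the 2-second window and all sample addresses are constructed assumptions.

```python
import re

# Approximate format patterns (assumption: format check only, no checksum validation).
PATTERNS = {
    "btc-legacy": re.compile(r"[13][a-km-zA-HJ-NP-Z1-9]{25,34}"),
    "btc-bech32": re.compile(r"bc1[ac-hj-np-z02-9]{11,71}"),
    "eth": re.compile(r"0x[a-fA-F0-9]{40}"),
}

def address_type(text):
    """Return the wallet-address family the clipboard text looks like, or None."""
    value = text.strip()
    for name, pattern in PATTERNS.items():
        if pattern.fullmatch(value):
            return name
    return None

def find_swaps(events, window=2.0):
    """Flag clipboard changes where one address replaces a different one of the
    same family within `window` seconds, faster than a person re-copies."""
    alerts = []
    for (t0, old), (t1, new) in zip(events, events[1:]):
        kind = address_type(old)
        same_family = kind is not None and kind == address_type(new)
        if same_family and old.strip() != new.strip() and t1 - t0 <= window:
            alerts.append({"time": t1, "type": kind,
                           "copied": old.strip(), "replaced_with": new.strip()})
    return alerts

# Constructed clipboard-change log: (seconds, clipboard text). Addresses are synthetic.
COPIED = "0x" + "ab" * 20
SWAPPED = "0x" + "12" * 20
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, COPIED),
    (10.3, SWAPPED),           # replaced 0.3 s after the copy: suspicious
    (95.0, "1" + "B" * 30),    # user copies a different kind of address later
    (300.0, "1" + "C" * 30),   # same family, but minutes apart: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The same comparison works as a pre-send check: keep the address as it was copied and refuse to proceed if the pasted value differs.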

Chainalysis warns users about the malware

When deployed, the MortalKombat ransomware encrypts all the core data on a user’s system. After the encryption, it drops a note with detailed instructions on making payments so victims can have their information released. According to a Talos report, the hackers deployed the ransomware through a set of IP addresses that can be traced to Poland. In the report published by Malwarebytes, the hackers begin the process by sending users an email containing malicious links and waiting for them to click one. After the user clicks the link, a BAT file is opened, and the ransomware is downloaded and triggered.

However, the firm has mentioned that users can use malware detection software to prevent malware from accessing and stealing their financial information. Several entities have also advised investors to do deep research before carrying out any investment actions. According to a more recent report, ransomware victims have been refusing to negotiate with hackers, and the amount that the hackers made in 2022 fell by 40% to $456 million. However, Chainalysis claimed that the number of ransomware attacks had remained the same.

The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.
