Copy link
Increase text size
Decrease text size
Link copied

New malware can steal cryptocurrency wallet IDs and credit card info

Anubis is a new malware that could steal sensitive data such as crypto wallets.

Image by Darwin Laganzon from Pixabay

Wed, 02 Sep 2020, 08:11 am UTC

There’s a new malware in town that could be a cause of concern among cryptocurrency users and investors. According to experts who studied its code, the malware could steal sensitive data such as crypto wallets.

The new malware is called Anubis and was put on sale on cybercrime dark markets in June 2020, according to Coindesk. However, the publication noted that the new malware is distinct from the similarly named Anubis family of Andriod banking malware making their rounds since 2017.

Microsoft Security Intelligence said that the new Anubis malware was created using code sourced from the Loki malware. Loki, which was first detected in February 2016, is an info-stealing malware that first targeted devices running on Android, according to Trend Micro.

“A new info-stealing malware we first saw being sold in the cybercriminal underground in June is now actively distributed in the wild,” Microsoft Security Intelligence tweeted. “The malware is called Anubis and uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets.”

Microsoft warned people from visiting sketchy sites. “The malware is downloaded from certain websites,” said Microsoft’s partner director of security research Tanmay Ganacharya. “It steals information and sends stolen information to a C2 (command and control) server via an HTTP POST command.”

The cybersecurity expert also revealed just what type of information the Anubis might steal. “When successfully executed it attempts to steal information and sends stolen information to a C2 server via HTTP POST command,” Ganacharya explained. “The post command sends back sensitive information that may include username and passwords, such as credentials saved in browsers, credit card information and cryptocurrency wallet IDs.”

Meanwhile, Cybersecurity Collaborative executive director Parham Eftekhari offered some tips on how people can protect themselves against the new malware. These include getting an updated anti-malware software as well as accessing sensitive sites using more secured privacy browsers.

“They should deploy antimalware applications on their systems and scan and update frequently,” Parham Eftekhari said. “Finally, when accessing sensitive accounts such as banking applications, they should employ secure or privacy browsers which may prevent malware from recording keystrokes or screenshots.”

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

Back to top
Copyright ⓒ TokenPost. All Rights Reserved.