KryptoCibule Uses Several Tricks to Maximize Cryptocurrency Theft

Published: 23/11/2024   Category: security




The malware family uses multiple tactics to steal as much cryptocurrency as possible while flying under the radar.



A newly discovered strain of malware dubbed KryptoCibule uses multiple techniques to evade detection while maximizing cryptocurrency theft from victims.
ESET researchers who discovered the threat say it has been active since 2018 and updated with new components over time. KryptoCibule is a triple threat: It uses a victim's resources to mine virtual coins, tries to hijack transactions by replacing the wallet address in the clipboard, and exfiltrates cryptocurrency-related files, all while employing techniques to evade detection.
KryptoCibule is distributed via malicious torrents for ZIP files containing content that is disguised as installers for pirated games and software. When users install, they'll get the software they were expecting as well as the malware. Attackers rely on the BitTorrent protocol to spread to new victims and download additional tools and updates to KryptoCibule once it's installed.
The latest versions of the malware employ XMRig, an open source program designed to mine Monero using the device's CPU, and kawpowminer, another open source program that mines Ethereum using the GPU. Researchers note the latter is only used if a dedicated GPU is found on the host, and that both programs are set up to connect to an attacker-controlled mining server over the Tor proxy.
Data indicates the malware primarily targets victims in the Czech Republic and Slovakia. It specifically looks for endpoint security tools from ESET, which is based in Slovakia, as well as Avast and AVG, both owned by Czech Republic-based Avast. 
Read the full report for more details and evasion techniques.
