Masad Stealer Malware Exfiltrates Crypto Wallets

Beginning on September 24th, Bitcoin collapsed for a full week and prices continued to fluctuate around $8,000. Bitcoin buyers have now received warnings that their cryptocurrency investments face another threat. Uniper Threat Labs security researchers say the spyware provided by the Trojan uses the encrypted Telegram messaging platform to reveal cryptocurrency data.

This new threat is called “Masad Clipper and Stealer” and is being sold on online black market forums. The malware has a free version, but the most feature-rich version has risen to $85. Juniper Networks researchers have discovered a Telegram group with more than 300 members, and prospective buyers can learn more about it and get technical support.

The malware is a piece of simple spyware that looks for sensitive data through a web browser, including credit card details, passwords, autofill fields, cookies, installed software and processes, desktop files, and system information.

The Juniper Threat Labs team says, “Masad Stealer’s main distribution vectors are masquerading as a legitimate tool or bundling themselves into third party tools. Threat actors achieve end user downloads by advertising in forums, on third party download sites or on file sharing sites.”

Experts don’t suggest you download software, tools, or services through any means other than the official app store or manufacturer’s website. You should ensure that the Next Generation Firewall (NGFW) with Advanced Threat Protection is installed to identify and block the Telegram protocol.

Published by on October 8, 2019 2:39 am, last updated on October 8, 2019 2:39 am

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On