Beginning on September 24th, Bitcoin collapsed for a full week and prices continued to fluctuate around $8,000. Bitcoin buyers have now received warnings that their cryptocurrency investments face another threat. Uniper Threat Labs security researchers say the spyware provided by the Trojan uses the encrypted Telegram messaging platform to reveal cryptocurrency data.
This new threat is called “Masad Clipper and Stealer” and is being sold on online black market forums. The malware has a free version, but the most feature-rich version has risen to $85. Juniper Networks researchers have discovered a Telegram group with more than 300 members, and prospective buyers can learn more about it and get technical support.
The malware is a piece of simple spyware that looks for sensitive data through a web browser, including credit card details, passwords, autofill fields, cookies, installed software and processes, desktop files, and system information.
The Juniper Threat Labs team says, “Masad Stealer’s main distribution vectors are masquerading as a legitimate tool or bundling themselves into third party tools. Threat actors achieve end user downloads by advertising in forums, on third party download sites or on file sharing sites.”
Experts don’t suggest you download software, tools, or services through any means other than the official app store or manufacturer’s website. You should ensure that the Next Generation Firewall (NGFW) with Advanced Threat Protection is installed to identify and block the Telegram protocol.
Published by Emerson L. Sullivan & last updated on October 8, 2019 2:39 am