A new form of cryptocurrency malware has been discovered. Known as Electro RAT, the malware remained uncovered for approximately one year before researchers came across it in a new study.
Electro RAT Has Remained Hidden for Some Time
Electro RAT has been designed to operate on Windows, Mac and Linux systems, making it usable to a wide array of criminals. It has been in use since the first month of 2020, and according to a report published by cybersecurity firm Interzer, it has already made off with several customers’ wallet addresses. Electro RAT also includes three defective apps and has built up a wide array of fake company and social media names as a means of luring more people into the money-stealing trap.
One needs to realize that there is a downside that comes with the establishment of the digital currency space. The bigger the industry gets and the larger prices for leading assets such as bitcoin become, the harder criminals are going to try to make off with funds that are not theirs, so as bitcoin has grown in size over the past 12 months, so have attempts by cyberthieves to take from others.
The mentioned apps take on the form of cryptocurrency software. However, they are dangerous in that they contain trojan horses that ultimately take effect once the apps are installed. This allows the cyber criminals to access customers’ accounts. They can then take note of keystrokes and even take pictures of a person’s screen. They can also upload or download malicious files onto victims’ devices and initiate commands without the person’s knowledge or permission.
Researchers explain in their report:
It is very uncommon to see a RAT written from scratch and used to steal personal information of cryptocurrency users. It is even more rare to see such a wide-ranging and targeted campaign that includes various components such as fake apps and websites and marketing/ promotional efforts via relevant forums and social media.
How to Ensure You’re Safe
The three apps in question are known as “Jamm,” “eTrade” and “DaoPoker.” The scary thing about them all is that up to this point, they have been completely missed and overlooked by many forms of antivirus software. The criminals also posted fake promotions for these apps on special crypto forums that prompted individuals to visit various websites that once visited, would inherently download the malicious code onto their devices.
Researchers claim that the infected pages have been viewed a minimum of 6,700 times. Thus, they have no choice but to believe that as many as 6,700 people could have been compromised. They are now advising crypto users to check their computers and run their systems to see if their devices contain any of the above-mentioned applications. If they are found, users are advised to clean their systems and change all corresponding passwords to prevent further intrusion.