Hackers’ activity is not very strange in the cryptocurrency sphere. Series of malwares are being manufactured, targeting unaware internet users, stealing their confidential information in the process. According to report from reliable source, a fake Cryptohopper trading platform has been launched, purposely to distribute malwares like clipboard hijackers, miners and others.
Desperation of internet thieves, especially ones that are related to cryptocurrency is quite alarming on daily basis. They believe their capability can get them what they want after making their hacking tools viral on the internet.
Hackers Impersonating Cryptocurrency Exchange Website
Cryptohopper is a cryptocurrency trading platform that allows users to create models meant for automating digital currency trading on several markets.
A new discovery has it that attackers invented a lookalike Cryptohopper trading platform, which will automatically download a Setup.exe after being visited by any unaware client of the trading platform.
This has literally made visiting the fake website dangerous, since it’s not just a command to download, but the downloads and installations will be done without the consent of the visiting customers and then used for a malicious act.
The attacker uses Cryptohopper logo to deceive the visitors so as to make the website look legitimate, while it is rather an information-stealing Trojan.
This automatically downloaded malware will install two Qulab Trojans. One functions as a miner, while the second functions as a clipboard hijacker. This malware will create scheduled tasks so as to launch miner and clipper executables in succession.
The Potency of the Malware in Stealing Vital Information
Once the Malware is downloaded and installed, it will start gathering vital information and get them compiled in a folder named %ProgramData%.
According to report, the malware will head in to steal information such as browser payment information, 2FA authenticator databases, cryptocurrency wallets, browser cookies, saved login credentials and others.
After compiling this information, the malware will swiftly upload it to a remote server, in order to give the hackers access to it.
The Malware is Capable of Stealing Digital Currency
A Trojan with clipboard hijacking capability will be installed on the infected computer by the malware. The fact that users generally copy and paste cryptocurrency addresses into Windows clipboard, just because it is long, unique and hard to remember gives the Trojan means to detect the crypto address.
It will then replace the copied one with the address that is controlled by the attackers, in order to steal the cryptocurrency successfully.
Cryptocurrency Holders Must be Careful
Top websites have constantly been impersonated by hacking experts. They are everywhere on the internet, looking for innocents to devour.
Sometimes ago, a fake system cleaner got widely promoted, which eventually installed information hijacking Trojans on the computer system of many that fell for the trick.
In order to avoid this, users should make thorough crosschecking to confirm the legitimacy of every websites before visiting, just a click could result to life threatening financial wreck. Updating of software on computer will also go along way in protecting users, andiIt is advisable to install highly potent malware resistance.