Hackers are now using YouTube to spread a new type of malware that steals data from cryptocurrency wallets, as well as crypto browser extensions.
Learn about PennyWise cryptocurrency malware
New malware is an “emerging threat” called PennyWise and can gain access to 30 different applications, such as wallets and browser extensions. Cyble blogged about this on June 30th in detail.
With malware, hackers can access data like login information and crypto extension data. The malware can also capture screenshots and infiltrate chat platforms like Telegram and Discord.
Wallet users should update to the latest version of their software to protect themselves from malware. Wallets for Ethereum and Zcash are also vulnerable.
Hackers use YouTube to distribute malware. They post malicious videos that look like Bitcoin mining tutorials, with a link on the description urging people to watch them. Don’t trust the video and be sure to keep your security software up-to-date!
It is estimated that the attackers had a large reach on YouTube, evident by the posting of 80 videos. Moreover, this malware is still being circulated by other channels purporting to offer free mining of NFTs and other free services.
The report said the malware was detected when its victim was located in Belarus, Kazakhstan, Russia, or Ukraine and supposedly self-destructed. It also changed the timezone data to show Russian Standard Time (RST) after sending it back to the attacker.
Crypto space malware
Earlier this year, a type of malware, Mars Stealer, targeted cryptocurrency-related wallets that rely on Chromium browser extensions. Binance Chain Wallet and Coinbase are among the crypto-related websites that have been targeted by Mars Stealer. These wallets include Binance Chain Wallet, Coinbase and MetaMask.
Crypto-jacking, involves the hackers stealing virtual currency through poorly protected computers and disproportionately targets smaller organizations.
