Microsoft Warns Against New Malware Targeting Windows Crypto Wallet


Microsoft Security Intelligence (MSI) has warned against new forms of malware targeting Windows users to steal crypto wallets‘ sensitive data.

07 September, 2020 | AtoZ MarketsCybercrime continues to evolve, and hackers are finding new ways to exploit security flaws. Hacking is on the rise during the coronavirus pandemic, as people are busy with remote work, spending more time online.

New Malware Puts Cryptocurrency Wallets at Risk

Microsoft Security Intelligence (MSI) has caught new malware identified as Anubis targeting the crypto wallet of Windows users. According to MSI, new malware may endanger crypto wallet credentials, credit card details, and other valuable data. The malware first appeared on the dark web market in June. So far, this malware is very narrowly targeting to a specific range and does not maintain its overwhelming presence. MSI stated:

“Anubis is deployed in what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers. When successfully executed, it attempts to steal information and sends the stolen information to a C2 server via HTTP POST command. The post command sends back sensitive information that may include username and passwords, such as credentials saved in browsers, credit card information, and cryptocurrency wallet IDs.”

Anubis relies on forked code from Loki, a malware targeting Android systems. Loki uses social engineering techniques to target victims, send attachments via email, and click this will install the malware.

When it comes to avoiding Anubis, Parham Eftekhari, Executive Director of the Cybersecurity, said people should not open any attachments or emails that they don’t expect or unfamiliar with.

“They should deploy antimalware applications on their systems and scan and update frequently,” he said. “Finally, when accessing sensitive accounts such as banking applications, they should employ secure or privacy browsers. It may prevent malware from recording keystrokes or screenshots.”

Think we missed something? Let us know in the comment section below.

    Share Your Opinion, Write a Comment