Trojan application attacks crypto wallets

For almost a year, fake ad campaigns have been roaming the internet, getting users to download various apps that attack crypto wallets. Researchers have now warned against the application.

The events surrounding Bitcoin are currently rolling over almost daily. The BTC price seems to be shooting up and up, putting a smile on the faces of many Bitcoin investors. However, a report Bitcoin Blueprint published on 5 January by the protection platform Intezer reveals that the high-flying frenzy also brings dangers for Hodler.

In December 2020, the platform discovered a malware operation aimed at looting crypto wallets. The operation consisted of a marketing campaign that included various websites, fake social media accounts and even a Trojan (Remote Access Trojan, RAT). This was christened ElectoRAT by the discoverers. The virus is programmed for the operating systems Windows, Linux and MacOS.

The application was related to various crypto wallets. Among them Jamm eTrade and DaoPoker. Forums such as Bitcointalk and SteemCoinPan promoted the apps. These launched promotions and enticed readers to download certain apps. Without knowing it, they installed the ElectroRAT Trojan at the same time. The researchers themselves commented on the operation as follows:

‚It is even rarer to see such a comprehensive and targeted campaign that includes various components such as fake apps and websites, as well as marketing / promotional efforts via relevant forums and social media.

The attackers also instructed Twitter users to promote the aforementioned forums. These included accounts with over 25,000 followers. Apparently, the campaigns worked on many readers. The researchers at Intezer estimate the number of victims at „several thousand“. The malware has existed since January 2020, but was only discovered in December, which explains the large number of victims.