Get the scoop on finance - sign up for mobile alerts
Scams, Hacks & Breaches
| On
September 28, 2019

New Malicious Malware Stealing Crypto Funds – Bitcoin, Ethereum, XRP, Litecoin, Cardano and Monero Users Targeted

By Daily Hodl Staff

A new Trojan-delivered spyware, identified on black market forums as the “Masad Clipper and Stealer,” is stealing cryptocurrency, private passwords and credit card information. 

ADVERTISEMENT

The malware, discovered by Juniper Threat Labs, automatically replaces crypto wallet addresses copied to the clipboard with its own address in order to steal users’ funds.

Juniper’s blog post explains,

“Masad Stealer sends all of the information it collects [through] a Telegram bot controlled by the threat actor…. Because Masad is being sold as off-the-shelf malware, it will [most likely] be deployed by multiple threat actors.”

The malware works on the Windows operating system and targets wallet addresses if they match a list of coins.

ADVERTISEMENT

Juniper’s researchers have found that Masad Stealer can replace Bitcoin, Monero (XMR), Cardano (ADA), Ether (ETH), Dash (DASH), XRP, Litecoin (LTC), and several other cryptocurrency addresses in order to transfer users’ funds to the hacker’s address.

So far, Juniper says the Bitcoin address connected to the malware contains more than $9,000 worth of BTC.

After the malware installs itself on victims’ computers, it begins trying to steal personal information including users’ crypto wallet addresses and credit card information, as well as general PC and system info.

The malicious program also tries to gather users’ Discord and Telegram data.

Masad Stealer then compresses all the files and sends them to the thief’s computer system. 

ADVERTISEMENT

“Based on our telemetry, Masad Stealer’s main distribution vectors are masquerading as a legitimate tool or bundling themselves into third party tools. Threat actors achieve end user downloads by advertising in forums, on third party download sites or on file sharing sites.”

You can find the full list of malware-containing software to avoid here.

[the_ad id="42537"] [the_ad id="42536"]
&nbsp
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.