The Crypto Times
Image default
News

Virus Researcher Discover Malware in Crypto Trading Site Clone

A malware researcher reportedly discovered how a new cryptocurrency website was designed to spread crypto virus.

According to a Bleeping Computer report, virus researcher Fumik0_found that the host for this malware is a clone of the Cryptohopper website. The original site is where crypto users can design and program tool that performs crypto trading.

Cloned Cryptohopper Site

When a user visits the cloned Cryptohopper site, it allegedly downloads a setup.exe installer automatically. Once it runs, the installer will infect the device. The scam is so well done that it even displays the Cryptohopper logo in the setup panel in a bid to keep the user unaware that it’s being tricked.

The report states that running the program will install the Vidar Trojan, which steals information. It also sets up a pair of Qulab Trojans for clipboard and mining hijacking. The malware are then utilized once every 60 seconds so it collects data continuously.

Vidar Trojan

The Vidar Trojan will try to scrape user information such as browser history and cookies, login credentials, crypto wallets, and payment information. The accumulated data is compiled periodically and sent to a remote server. The data is then deleted.

Meanwhile, the Qulab Trojan will try to substitute set addresses in the clipboard when it discovers that a user has copied or saved a string that’s similar to a wallet address. This lets crypto transactions started by the user to be switched to the scammer’s address instead.

The clipboard hjacker has substitute addresses for bitcoin (BTC), bitcoin cash (BCH), bitcoin gold (BTG), dash (DASH), dogecoin (DOGE), ether (ETH), litecoin (LTC), xrp, qtum, and zcash (ZEC).   

Related posts

MakerDao Launches Series of Governance Polls to Address Alleged Security Loophole

Viena Abdon

Post-Liberation Visas Based on Ethereum Sold by North Korean Dissidents

Viena Abdon

Security Expert Launches Web Tool That Scans for Sensitive Data on GitHub

Viena Abdon

AntShares, now NEO, Rises to Top 10 Cryptocurrency

Hootie

Coinbase Opens XRP Exchange

Viena Abdon

Low Voter Turnout Holds up MakerDAO’s Move to Enforce 2% Reduction in DAI Stability Fee

Viena Abdon