The Crypto Times
Image default
News

Virus Researcher Discover Malware in Crypto Trading Site Clone

A malware researcher reportedly discovered how a new cryptocurrency website was designed to spread crypto virus.

According to a Bleeping Computer report, virus researcher Fumik0_found that the host for this malware is a clone of the Cryptohopper website. The original site is where crypto users can design and program tool that performs crypto trading.

Cloned Cryptohopper Site

When a user visits the cloned Cryptohopper site, it allegedly downloads a setup.exe installer automatically. Once it runs, the installer will infect the device. The scam is so well done that it even displays the Cryptohopper logo in the setup panel in a bid to keep the user unaware that it’s being tricked.

The report states that running the program will install the Vidar Trojan, which steals information. It also sets up a pair of Qulab Trojans for clipboard and mining hijacking. The malware are then utilized once every 60 seconds so it collects data continuously.

Vidar Trojan

The Vidar Trojan will try to scrape user information such as browser history and cookies, login credentials, crypto wallets, and payment information. The accumulated data is compiled periodically and sent to a remote server. The data is then deleted.

Meanwhile, the Qulab Trojan will try to substitute set addresses in the clipboard when it discovers that a user has copied or saved a string that’s similar to a wallet address. This lets crypto transactions started by the user to be switched to the scammer’s address instead.

The clipboard hjacker has substitute addresses for bitcoin (BTC), bitcoin cash (BCH), bitcoin gold (BTG), dash (DASH), dogecoin (DOGE), ether (ETH), litecoin (LTC), xrp, qtum, and zcash (ZEC).   

Related posts

Bitcoin Soars as Bitcoin Cash Tanks

Miles

Kraken Sued for Allegations on Faulty Operations

Viena Abdon

Binance Research Claims China’s Cryptocurrency Transferable Even Without Bank Account

Viena Abdon

Kaleido Becomes First Blockchain Service Provider to Integrate QEDIT’s Zero-Knowledge Proof Enterprise Privacy Solution

Viena Abdon

Lazarus Hacker Uses New Methods in Targeting Crypto Again

Viena Abdon

North Korea Dismisses Allegations Its Agents Hacked Banks and Crypto Exchanges to Steal Billions

Viena Abdon