Friday, January 22, 09:06

New Botnet Campaign: Hackers Empty Crypto Wallets Using Cheap Russian Malware

The theft of cryptocurrencies has been one of the most common goals of hackers in recent years. Hackers are constantly discovering new, sophisticated ways to attack their victims' systems. For this reason, security researchers were surprised when they discovered a botnet costing just $160 that was being used to steal cryptocurrencies.

It is a Trojan malware named MasterMana Botnet. The botnet sends bulk phishing emails with malicious attachments to cryptocurrency users. According to Prevailion researchers, the malicious code contained in the attachments creates backdoors on the victim's computer and empties their crypto wallets.

"Based on what we have observed, MasterMana Botnet has had a huge impact on many organizations around the world," said Danny Adamitis, Prevailion's chief information officer.

"We estimate that the botnet interacted with about 2,000 machines per week, or 72,000 machines during 2019," Adamitis said.

Researchers have found that the hackers can infect popular Microsoft Office files, such as Word, Excel, PowerPoint and Publisher documents.

The researchers observed the tactics, techniques and procedures (TTPs) of the attack and associated it with the "Gorgon Group", a well-known hacker group that has been active for many years.

"The costs for developing and maintaining the campaign were virtually non-existent," Prevailion stated in its report. The hackers spent a total of just 160 dollars: 60 dollars for a Virtual Private Server and 100 dollars for the AZORult Trojan, a Russian malware.

Earlier attacks could have been even more economical, as the hackers used a similar Trojan, Revenge RAT, which was free until 15 September.

The success of the attacks depends on the version of the Trojan. Researchers believe that the hackers were very clever, increasing the chances of their attacks succeeding.

The hackers avoided using popular malware such as Emotet and instead used an older, but equally sophisticated and effective, Trojan that avoids detection by security software.

Researchers said the campaign was active until September 24. However, they believe that the hackers will continue their activities.

"We recommend that cryptocurrency investors be very careful and protect their personal computer. Two-factor authentication is necessary when this option is available," Adamitis said.



Absent Mia