New Crypto Malware Targets Coinbase, MetaMask: Mars Stealer Can Steal Wallet Private Keys
New cryptomalware currently targets cryptocurrency wallets, such as Coinbase, Binance Chain, and MetaMask. Right now, these digital wallet services are not focusing on their systems' security features.
A cryptocurrency wallet is a device, physical medium, program or a service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often also offers the functionality of encrypting and/or signing information (According to Wikipedia).
Unlike a normal wallet, which can hold actual cash, crypto wallets technically don’t store your crypto. Your holdings live on the blockchain, but can only be accessed using a private key. Your keys prove your ownership of your digital money and allow you to make transactions. If you lose your private keys, you lose access to your money. That’s why it’s important to keep your hardware wallet safe, or use a trusted wallet provider like Coinbase.
However, the new malware called Mars Stealer makes the online safety their provide more complicated and questionable. The researcher who found the security threat, 3xp0rt, explained that this malicious campaign is similar to the recent Oski Trojan. However, he added that Mars Stealer is more severe than the information-stealing trojan virus that was active in 2019.
New Crypto Malware Targets Coinbase, MetaMask
According to Coin Telegraph's latest report, the new cryptomalware targets more than 40 cryptocurrency wallets that work as browser extensions (browser-based).
This illustration photo shows the Coinbase logo on a smartphone in Los Angeles on April 13, 2021. - The arrival April 13, 2021, of cryptocurrency exchange Coinbase on Nasdaq is one of the most anticipated events of the year on Wall Street, where enthusiasm for record-breaking bitcoin is in full swing, despite questions about the sustainability of the market.
On the other hand, it also attacks some popular two-factor authentication and a grab function, allowing it to acquire sensitive crypto wallet private keys from its victims.
"Mars Stealer written in ASM/C with using WinApi, weight is 95 kb. Uses special techniques to hide WinApi calls, encrypts strings, collects information in the memory, supports secured SSL-connection with C&C, doesn't use CRT, STD," said 3xp0rt via his official blog post.
Aside from Coinbase, Binance Chain, and MetaMask, the security expert also provided other tools targeted by Mars Stealer.
Mars Stealer's Other Targets
Targeting crypto wallet services is alarming since the new malware can lead to massive digital currency theft, especially since more people are now investing in Bitcoin, Ethereum, and other rising cryptocurrencies. However, this new cryptomalware also focuses on some popular browsers. These include Microsoft Edge, Internet Explorer, Brave, Epic Privacy Browser, Opera Stable, and other browsing tools.
On the other hand, it can collect the following information:
- Processor model
- Computer name
- Machine ID
- GUID
- Installed software and their versions
- User name
- Domain computer name
Source: techtimes.com - wikipedia - coinbase
Bạn cũng có thể quan tâm
John&Partners, LLC. Cybersecurity
7443 Brompton, Houston, Texas 77025 , USA