- Cyberattacks on cryptocurrency have been rife since 2020 and are continuing in the new year through the use of ElectroRAT
- It has been uncovered and analysed by the research team at Intezer, a company specialising in malware detection and cyber security
- The malware targets user assets by gaining access to their digital wallets through fake websites and apps
- The rising price of cryptocurrency is cited as the main cause of such cyberattacks
Fraudulent Apps Carrying ElectroRAT
Intezer discovered an insidious operation, reckoned to have started in January 2021, that used a novel Remote Access Tool (RAT) to target cryptocurrency assets. The tool was embedded in various fake apps developed using Electron, a platform for building applications. As a result, the malware was named “ElectroRAT”.
ElectroRAT is written in Golang, or Go, a non-proprietary programming language. It is built to run on multiple operating systems, including Windows, macOS and Linux.
The attackers have also invested time in building their credibility by setting up multiple social media pages, websites and applications. The malware gains access when the user downloads these apps, having been lured into believing in the legitimacy of these platforms by the wide-ranging marketing campaigns the attackers conducted on social media.
Many Victims of this Intrusive Malware
Intezer estimates that about 6,500 users were duped by this operation over a period of one year, and the malware is continuing its attack in 2021 as well. The estimate is based on the number of visitors to the pastebin pages which were used to identify the command and control servers of this operation.
It is quite rare to witness tools being programmed from scratch with the sole purpose of attacking numerous operating systems simultaneously, says Avigayil Mechtinger, a researcher at Intezer.
ElectroRAT is invasive malware: once it has compromised a machine, its capabilities range from keylogging to uploading and downloading files from disk, capturing screenshots and executing commands on the user’s console.
Means of Prevention
Given the extent of this malware operation, it is essential to take steps that prevent one’s digital assets from being compromised. Research websites and applications before downloading anything from them; their past reputation gives a fair idea of whether such sites and apps are legitimate.
Private keys should be stored on hardware-based encryption devices to avoid unauthorised access. Keeping a physical copy of seed phrases, rather than depending on a digitally saved version, can also help prevent malware like ElectroRAT from getting at the cryptocurrency.