Cryptocurrency Stealing Trojan Found In Pirated Windows 10 Software – Tech News Space

Cryptocurrency Stealing Trojan Found In Pirated Windows 10 Software – Tech News Space

[ad_1]

Medical specialists web discovered on various unofficial builds of Windows 10 distributed via a torrent tracker, a trojan stealer. It is Trojan.Clipper.231 malware that replaces cryptocurrency wallet addresses on the clipboard with addresses provided by scammers. According to experts, the attackers have managed to steal around $19,000 worth of cryptocurrency using this malware so far.

                Image Source: Pixabay

Image Source: Pixabay

According to the report, Doctor Web was contacted in May of this year by a customer who believed his Windows 10 computer was infected with malware. The experts analyzed and found Trojan.Clipper.231 on the system, as well as Trojan.MuIDrop22.7578 and Trojan.Inject4.57873 that launch the crook. The company’s specialists managed to locate the threat and neutralize the Trojans.

We also discovered that the target operating system was an unofficial suite and that the malware was embedded from the start. Subsequently, several unofficial builds of Windows 10 with embedded malware were identified:

  • Windows 10 Pro 22H2 19045.2728 + Office 2021 X64 by BoJlIIIebnik RU.iso,
  • Windows 10 Pro 22H2 19045.2846 + Office 2021 X64 by BoJlIIIebnik RU.iso,
  • Windows 10 Pro 22H2 19045.2846 x64 from BoJlIIIebnik RU.iso,
  • Windows 10 Pro 22H2 19045.2913 + Office 2021 x64 by BoJlIIIebnik [RU, EN].I like that,
  • Windows 10 Pro 22H2 19045.2913 x64 by BoJlIIIebnik [RU, EN].I like that

It is noted that all of the mentioned assemblies were available for download on a torrent tracker, however it is possible that the attackers used other distribution channels. After unpacking on the victim’s system, the Trojan starts crawling the clipboard and replaces the cryptocurrency wallet addresses with the addresses set by the attackers. It is noted that the Trojan can identify dangerous applications for itself and, if detected, does not change the wallet address on the clipboard.

According to Doctor Web analysts, the attackers were able to steal 0.73406362 Bitcoin and 0.07964773 Ethereum, which is equivalent to about $18,976. To avoid such problems, experts recommend using only official versions of Windows.

[ad_2]

Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *