Security News > 2020 > June > Glupteba – the malware that gets secret messages from the Bitcoin blockchain

Glupteba – the malware that gets secret messages from the Bitcoin blockchain
2020-06-24 16:50

Our experts have deconstructed a strain of malware called Glupteba that uses just about every cybercrime trick you've heard of, and probably several more besides.

The most interesting feature that we learned about in the report is how Glupteba uses the Bitcoin blockchain as a communication channel for receiving updated configuration information.

Glupteba uses the fact that the Bitcoin transactions are recorded on the Bitcoin blockchain, which is a public record of transactions available from a multitude of sources that are unexceptionably accessible from most networks.

Let's start with a list of all the Bitcoin transaction hashes associated with one of the Bitcoin wallets used as a covert source of messages by Glupteba.

The bad news about Glupteba is that its many self-protection components mean that it has many tricks available to stop itself showing up in your security logs.


News URL

https://nakedsecurity.sophos.com/2020/06/24/glupteba-the-bot-that-gets-secret-messages-from-the-bitcoin-blockchain/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Bitcoin 6 0 27 13 0 40