Security News > 2021 > April > HackBoss malware poses as hacker tools on Telegram to steal digital coins
The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications.
Researchers have named the malware HackBoss and say that its operators likely stole more than $500,000 from wannabe hackers that fell for the trick.
Researchers at Avast analyzing HackBoss note that the malware is packed in a.ZIP file with an executable that launches a simple user interface.
Avast researchers say in a blog post today that they found over 100 cryptocurrency wallet addresses associated with the HackBoss operation that received more than $560,000 since November 2018.
Avast researchers say that HackBoss authors also promote their fake hacking tools outside the Telegram channel, although this remains the main distribution path.
Avast provides a lengthy list of indicators of compromise on its GitHub page with hashes and names of the fake applications disguising HackBoss malware and the cryptocurrency wallet addresses associated with the actor.
News URL
Related news
- 5 Must-Have Tools for Effective Dynamic Malware Analysis (source)
- FIN7 hackers launch deepfake nude “generator” sites to spread malware (source)
- N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware (source)
- Russian Espionage Group Targets Ukrainian Military with Malware via Telegram (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- Unpatched Mazda Connect bugs let hackers install persistent malware (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)