Security News > 2021 > April > HackBoss malware poses as hacker tools on Telegram to steal digital coins
The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications.
Researchers have named the malware HackBoss and say that its operators likely stole more than $500,000 from wannabe hackers that fell for the trick.
Researchers at Avast analyzing HackBoss note that the malware is packed in a.ZIP file with an executable that launches a simple user interface.
Avast researchers say in a blog post today that they found over 100 cryptocurrency wallet addresses associated with the HackBoss operation that received more than $560,000 since November 2018.
Avast researchers say that HackBoss authors also promote their fake hacking tools outside the Telegram channel, although this remains the main distribution path.
Avast provides a lengthy list of indicators of compromise on its GitHub page with hashes and names of the fake applications disguising HackBoss malware and the cryptocurrency wallet addresses associated with the actor.
News URL
Related news
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links (source)
- FBI: Free file converter sites and tools deliver malware (source)
- How AI, corruption and digital tools fuel Europe’s criminal underworld (source)
- Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)