Security News > 2021 > April > HackBoss malware poses as hacker tools on Telegram to steal digital coins
The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications.
Researchers have named the malware HackBoss and say that its operators likely stole more than $500,000 from wannabe hackers that fell for the trick.
Researchers at Avast analyzing HackBoss note that the malware is packed in a.ZIP file with an executable that launches a simple user interface.
Avast researchers say in a blog post today that they found over 100 cryptocurrency wallet addresses associated with the HackBoss operation that received more than $560,000 since November 2018.
Avast researchers say that HackBoss authors also promote their fake hacking tools outside the Telegram channel, although this remains the main distribution path.
Avast provides a lengthy list of indicators of compromise on its GitHub page with hashes and names of the fake applications disguising HackBoss malware and the cryptocurrency wallet addresses associated with the actor.
News URL
Related news
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- Hacker infects 18,000 "script kiddies" with fake malware builder (source)