Security News > 2022 > January > New BHUNT malware targets your crypto wallets and passwords
A novel modular crypto-wallet stealing malware dubbed 'BHUNT' has been spotted targeting cryptocurrency wallet contents, passwords, and security phrases.
The discovery and analysis of the new BHUNT malware come from Bitdefender, who shared their findings with Bleeping Computer before publishing.
Each module is designed for a specific purpose ranging from stealing cryptocurrency wallets to stealing passwords.
Using a modular approach, the threat actors can customize BHUNT for different campaigns or easily add new features.
As you can see in the code snippet below, the blackjack module is used to search for and steal cryptocurrency wallets on a user's device and send them to a remote server under the attacker's control.
"While the malware primarily focuses on stealing information related to cryptocurrency wallets, it can also harvest passwords and cookies stored in browser caches," - explains Bitdefender's report.
News URL
Related news
- Decentralization is happening everywhere, so why are crypto wallets “walled gardens”? (source)
- Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware (source)
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign (source)
- SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)