Security News > 2022 > January > New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets

A new evasive crypto wallet stealer named BHUNT has been spotted in the wild with the goal of financial gain, adding to a list of digital currency stealing malware such as CryptBot, Redline Stealer, and WeSteal.
"BHUNT is a modular stealer written in.NET, capable of exfiltrating wallet contents, passwords stored in the browser, and passphrases captured from the clipboard," Bitdefender researcher said in a technical report on Wednesday.
The attack sequence starts with the execution of an initial dropper, which proceeds to write heavily-encrypted interim binaries that are then used to launch the main component of the stealer - a.NET malware that incorporates different modules to facilitate its malicious activities, the results of which are exfiltrated to a remote server -.
Golden7 - siphon cookies from Firefox and Chrome as well as passwords from clipboard.
Sweet Bonanza - steal stored passwords from browsers such as Internet Explorer, Firefox, Chrome, Opera, and Safari, and.
The information theft could also have a privacy impact in that the passwords and account tokens stolen from the browser cache could be abused to commit fraud and to gain other financial benefits.
News URL
https://thehackernews.com/2022/01/new-bhunt-password-stealer-malware.html
Related news
- MassJacker malware uses 778,000 wallets to steal cryptocurrency (source)
- GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets (source)
- GrassCall malware campaign drains crypto wallets via fake job interviews (source)
- New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions (source)