Security News > 2022 > May > Microsoft Warns of "Cryware" Info-Stealing Malware Targeting Crypto Wallets
Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks.
"Cryware are information stealers that collect and exfiltrate data directly from non-custodial cryptocurrency wallets, also known as hot wallets," Berman Enconado and Laurie Kirk of the Microsoft 365 Defender Research Team said in a new report.
"Because hot wallets, unlike custodial wallets, are stored locally on a device and provide easier access to cryptographic keys needed to perform transactions, more and more threats are targeting them."
Earlier this year, Kaspersky disclosed a financially-motivated campaign staged by the North Korea-based Lazarus Group, which involved targeting crypto companies with malware designed to drain funds out of hot wallets.
Such information-stealing attacks aim to extract hot wallet data such as private keys, seed phrases, and wallet addresses, thereby allowing the threat actor to initiate rogue transactions and move funds to another wallet.
To mitigate such threats, Microsoft is recommending users and organizations to lock hot wallets when not trading, disconnect sites connected to a wallet, avoid storing private keys in plaintext, and verify the value of the wallet address when copying and pasting the information.
News URL
https://thehackernews.com/2022/05/microsoft-warns-of-cryware-info.html
Related news
- Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Crypto-stealing malware posing as a meeting app targets Web3 pros (source)
- Windows, macOS users targeted with crypto-and-info-stealing malware (source)
- Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Malicious Microsoft VSCode extensions target devs, crypto community (source)