ESET researchers have discovered a new Trojan, KryptoCibule, aimed at stealing and mining cryptocurrency.
\n
The malware’s features allow it to launch hidden mining on the victim’s device, spoof cryptocurrency wallet addresses, and steal personal data.
\n
KryptoCibule is aimed primarily at residents of the Czech Republic and Slovakia. Its name translates as “cryptoluk,” as the trojan operators use the .onion domain to control the malware.
\n
KryptoCibule spreads through torrents containing infected ZIP archives with pirated content.
\n
Archive containing the malicious attachment
\n
The malware includes a range of tools that complicate its detection on an infected machine.
\n
Components and tools of KryptoCibule
\n
To protect against the new cryptominer, users are advised to stop using pirated content.
\n
Earlier, cybersecurity experts reported a surge in Mekotio trojan activity aimed at stealing cryptocurrency.
\n
Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.