{"id":28065,"date":"2020-09-02T15:32:05","date_gmt":"2020-09-02T12:32:05","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=28065"},"modified":"2025-08-27T09:27:59","modified_gmt":"2025-08-27T06:27:59","slug":"new-cryptominer-kryptocibule-targets-residents-of-eastern-europe","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/new-cryptominer-kryptocibule-targets-residents-of-eastern-europe\/","title":{"rendered":"New cryptominer KryptoCibule targets residents of Eastern Europe"},"content":{"rendered":"<p>ESET researchers have discovered a new Trojan, KryptoCibule, aimed at stealing and mining cryptocurrency.<!--more--><\/p>\n<p>\\n<\/p>\n<p>The malware&#8217;s features allow it to launch hidden mining on the victim&#8217;s device, spoof cryptocurrency wallet addresses, and steal personal data.<\/p>\n<p>\\n<\/p>\n<p>KryptoCibule is aimed primarily at residents of the Czech Republic and Slovakia. Its name translates as &#8220;cryptoluk,&#8221; as the trojan operators use the .onion domain to control the malware.<\/p>\n<p>\\n<\/p>\n<p>KryptoCibule spreads through torrents containing infected ZIP archives with pirated content.<\/p>\n<p>\\n<\/p>\n<div id=\\\"attachment_108982\\\" style=\\\"width: 616px\\\" class=\\\"wp-caption alignnone\\\"><img loading=\\\"lazy\\\" decoding=\\\"async\\\" aria-describedby=\\\"caption-attachment-108982\\\" class=\\\"size-full wp-image-108982\\\" src=\\\"https:\/\/forklog.com\/wp-content\/uploads\/unnamed-15.png\\\" alt=\\\"New cryptominer KryptoCibule attacked residents of Eastern Europe\\\" width=\\\"606\\\" height=\\\"139\\\" srcset=\\\"https:\/\/forklog.com\/wp-content\/uploads\/unnamed-15.png 606w, https:\/\/forklog.com\/wp-content\/uploads\/unnamed-15-300x69.png 300w\\\" sizes=\\\"auto, (max-width: 606px) 100vw, 606px\\\" \/><\/p>\n<p id=\\\"caption-attachment-108982\\\" class=\\\"wp-caption-text\\\"><em>Archive containing the malicious attachment<\/em><\/p>\n<\/div>\n<p>\\n<\/p>\n<p>The malware includes a range of tools that complicate its detection on an infected machine.<\/p>\n<p>\\n<\/p>\n<div id=\\\"attachment_108983\\\" style=\\\"width: 512px\\\" class=\\\"wp-caption alignnone\\\"><img loading=\\\"lazy\\\" decoding=\\\"async\\\" aria-describedby=\\\"caption-attachment-108983\\\" class=\\\"size-full wp-image-108983\\\" src=\\\"https:\/\/forklog.com\/wp-content\/uploads\/unnamed-11.jpg\\\" alt=\\\"New cryptominer KryptoCibule attacked residents of Eastern Europe\\\" width=\\\"502\\\" height=\\\"374\\\" srcset=\\\"https:\/\/forklog.com\/wp-content\/uploads\/unnamed-11.jpg 502w, https:\/\/forklog.com\/wp-content\/uploads\/unnamed-11-300x224.jpg 300w\\\" sizes=\\\"auto, (max-width: 502px) 100vw, 502px\\\" \/><\/p>\n<p id=\\\"caption-attachment-108983\\\" class=\\\"wp-caption-text\\\"><em>Components and tools of KryptoCibule<\/em><\/p>\n<\/div>\n<p>\\n<\/p>\n<p>To protect against the new cryptominer, users are advised to stop using pirated content.<\/p>\n<p>\\n<\/p>\n<p>Earlier, cybersecurity experts reported a surge in Mekotio trojan activity aimed at stealing cryptocurrency.<\/p>\n<p>\\n<\/p>\n<p>Subscribe to ForkLog news on Telegram: <a href=\\\"https:\/\/t.me\/forklogfeed\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">ForkLog Feed<\/a> \u2014 the full news feed, <a href=\\\"https:\/\/telegram.me\/forklog\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>ESET researchers have discovered a new trojan, KryptoCibule, aimed at stealing and mining cryptocurrency.<\/p>\n","protected":false},"author":1,"featured_media":28066,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1916],"class_list":["post-28065","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-eset"],"aioseo_notices":[],"amp_enabled":true,"views":"23","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/28065","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=28065"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/28065\/revisions"}],"predecessor-version":[{"id":28067,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/28065\/revisions\/28067"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/28066"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=28065"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=28065"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=28065"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}