The Coin Republic | Andrew Smith | May 11, 2021
The cryptocurrency community has been made aware of the emergence of a new malware that has set its crosshairs towards crypto wallets. It seems that digital currency holders have another thing to be wary of.
Panda Stealer
Trend Micro recently released a blog post on their website revealing the above-mentioned online threat. According to the blog, they’ve detected this new “information stealer” dubbed the “Panda Stealer” as early as April.
Further, it was explained that this type of malware is being delivered through spam email. If Trend Micro’s telemetry is anything to go by, countries like Germany, Australia, Japan, and the United States were heavily affected by it during what is described as “spam wave.”
See: How Cryptocurrency is changing Fintech
It was also learned that this so-called Panda Stealer is a modified iteration of the Collector Stealer malware. This nasty bug also uses a fileless approach in its proliferation for it to avoid getting detected.
How it infects
The deployment of this malware is done via spam emails as it masks itself as business quote requests to lure cryptocurrency holders in opening malicious Excel files. Trend Micro has highlighted a couple of “infection chains”:
- An .XLSM attachment containing the macros that download a loader. The loader then downloads and executes the main stealer.
- The other uses an attached .XLS file that contains an Excel formula that uses a PowerShell command to access a Pastebin alternative – paste.ee. This will then access a second encrypted PowerShell command.
It’s also hungry for your other online details
According to PC Gamer, since this Panda Stealer utilizes a fileless approach to remain unnoticed, it is said that the malware “also has a taste” for details of the victim’s Discord, Steam, NordVPN, and even Telegram accounts. What’s made it even more worrisome is the fact that it can take screenshots, raid a device’s cookie jar, and pilfer passwords and card details.
Continue to the full article –> here
The National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada’s Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org
LET’S USE FINTECH AS A FORCE FOR GOOD!
|
Related Posts
Source: https://ncfacanada.org/panda-stealer-malware-sets-its-crosshairs-on-cryptocurrency-wallets/
- &
- 11
- 2021
- access
- affiliates
- April
- article
- Assets
- Auction
- Australia
- blockchain
- Blog
- Bug
- business
- Canada
- Canadian
- Charity
- Coin
- community
- cookie
- countries
- Couple
- Crowdfunding
- crypto
- crypto wallets
- cryptocurrency
- Currency
- Cybersecurity
- decentralized
- digital
- Digital Assets
- digital currency
- discord
- Early
- ecosystem
- Education
- Excel
- finance
- financial
- fintech
- full
- funding
- Germany
- Global
- Government
- Highlighted
- HTTPS
- Hungry
- industry
- information
- Innovation
- insights
- Insurtech
- Intelligence
- investment
- IT
- Japan
- large
- learned
- malware
- Market
- Masks
- Members
- networking
- Newsletter
- NFT
- online
- Other
- Passwords
- payments
- PC
- PowerShell
- projects
- PWC
- raid
- Regtech
- report
- Sectors
- Services
- set
- spam
- States
- Steam
- system
- Telegram
- Tokens
- Trend Micro
- Trust
- United
- United States
- us
- Wallets
- Wave
- Website
- weekly
- What is
- works
