Crypto Scams

Hackers Spiking Torrent Files With Malware To Phish Crypto Addresses


Crypto holders using Windows machines are at huge risk of falling prey to hackers, who are gaining access to the machines through users' illegal movie downloads. The malware sets off a chain of activities to inject code into Firefox, Yandex Search and Google browsers, eventually swapping Bitcoin or Ethereum addresses. Lawrence Abrams, having discovered the malware to be a deeper rabbit hole than imagined, warned,


“What appeared to be an ad-injector into the main Google search page turned out to be only the tip of the iceberg”.



Torrents Search leads to longer hours of entertainment

It certainly is not the kind of entertainment a movie fan is looking for. The Girl in the Spider’s Web. He was directed to a .LNK shortcut instead of a video file, the icon of which caught his attention. On performing a virus scan, results indicated a sample of CozyBear, malware used by an advanced threat actor. In a blog post, InfoArmor, a security firm, said,


“The bad actors have analysed trends on video, audio, software and other digital content downloads from around the globe and created seeds on famous torrent trackers using weaponised torrents packaged with malicious code. In some cases, they were specifically looking for compromised accounts of other users on these online communities that were extracted from botnet logs in order to use them for new seeds on behalf of the affected victims without their knowledge, thus increasing the reputation of the uploaded files.”
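The lure described above was a .LNK shortcut delivered where a video file was expected. As an added example (not code from the article or from the researchers it quotes), the following Python check audits a download folder for Windows shortcuts, both by extension and by the Shell Link file header; the file names and folder contents are constructed, inert samples.

```python
import os
import tempfile

# Shell Link (.LNK) header: HeaderSize 0x4C, then the fixed LinkCLSID
# 00021401-0000-0000-C000-000000000046 in its on-disk byte order.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
MEDIA_EXTS = {".mkv", ".mp4", ".avi", ".mov", ".wmv"}


def is_shell_link(path):
    """True if the file starts with the Shell Link header."""
    with open(path, "rb") as fh:
        return fh.read(len(LNK_MAGIC)) == LNK_MAGIC


def audit_download(root):
    """Return sorted (relative path, reason) pairs for shortcut files under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            ext = os.path.splitext(name)[1].lower()
            try:
                link = is_shell_link(path)
            except OSError:
                continue  # unreadable file: skip rather than abort the audit
            if link and ext in MEDIA_EXTS:
                reason = "shortcut content behind media extension"
            elif link or ext == ".lnk":
                # Explorer hides the ".lnk" extension, so "x.mkv.lnk" shows as "x.mkv"
                reason = "shortcut file"
            else:
                continue
            findings.append((os.path.relpath(path, root), reason))
    return sorted(findings)


def build_sample(root):
    """Write constructed, inert sample files (headers only, no payload)."""
    samples = {
        "Movie.2018.mkv.lnk": LNK_MAGIC + bytes(56),
        "clip.mp4": LNK_MAGIC + bytes(56),
        "feature.mkv": bytes.fromhex("1a45dfa3") + bytes(60),  # Matroska/EBML magic
        "readme.txt": b"constructed sample\n",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, reason in audit_download(tmp):
            print(f"{rel}: {reason}")
```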

The malware injects hacker-promoted search results into Google search as the top results. It also injects a fake donation banner on Wikipedia stating that it now accepts cryptocurrency donations and provides two addresses. When users copy and paste a cryptocurrency wallet address on Windows machines, the malware swaps it for an address owned by the attacker. Bleeping Computer warned that users remain unaware because they do not see any signs of the trick. They commented,

“Because the wallets are a large string of random characters, most users will likely not notice the difference between what they expected to copy and the pasted result.”

Sites Prone To Malware

The malware has surged despite the bear crypto market, with the rise recorded at almost 500% in comparison with the previous year. According to a report, cryptocurrency mining malware is responsible for the fall in supply of the altcoin Monero (XMR).
