Back to top
  • 공유 Share
  • 인쇄 Print
  • 글자크기 Font size
URL copied.

Crypto Malware Designed for Windows Hacking on the Loose

Thu, 18 Jan 2024, 02:12 am UTC

Cybersecurity firm Trend Micro has identified a previously unknown malware strain named Phemedrone Stealer. This malware exploits a now-patched security flaw in Microsoft Windows, explicitly targeting web browsers and extracting data from crypto wallets. The Texas-based firm's report reveals that Phemedrone Stealer is not limited to crypto-related information; it also harvests data from messaging apps such as Telegram, Steam, and Discord. Beyond Data Theft Cybersecurity experts have noted that Phemedrone Stealer goes beyond traditional data theft methods. According to Crypto News, in addition to extracting sensitive information, the malware captures screenshots and collects comprehensive system details, including hardware specifications, location data, and operating system information. This multifaceted approach underscores the sophistication of modern cyber threats as threat actors continually evolve their tactics. The stolen data is transmitted to the attackers through Telegram or a command-and-control (C&C) server. Trend Micro highlights that the vulnerability stems from the absence of checks on Microsoft Defender and related prompts on Internet Shortcut (.url) files. Threat actors exploit this loophole by creating .url files, initiating the download and execution of malicious scripts, and effectively bypassing Windows Defender SmartScreen warnings and checks. Despite the security patch released by Microsoft, Trend Micro warns that an increasing number of malware campaigns, including those distributing the Phemedrone Stealer payload, continue to exploit this security gap. The exact scale of stolen crypto or private data due to Phemedrone Stealer remains unclear. Cybersecurity Efforts Mitigate Financial Impact In 2023, the De.Fi REKT database recorded a concerning 455 incidents, with the largest hack amounting to $231 million, attributed to Multichain. According to Trend Micro, despite the alarming cumulative total of $2 billion, cybersecurity experts and white hat hackers managed to recover approximately $200 million from the overall sum. This indicates that while the cyber threat landscape is evolving, concerted efforts from cybersecurity professionals contribute significantly to mitigating the financial impact of malicious activities, offering a glimmer of resilience against cyber threats. Photo: Markus Spiske/Unsplash

Cybersecurity firm Trend Micro has identified a previously unknown malware strain named Phemedrone Stealer.

This malware exploits a now-patched security flaw in Microsoft Windows, explicitly targeting web browsers and extracting data from crypto wallets. The Texas-based firm's report reveals that Phemedrone Stealer is not limited to crypto-related information; it also harvests data from messaging apps such as Telegram, Steam, and Discord.

Beyond Data Theft

Cybersecurity experts have noted that Phemedrone Stealer goes beyond traditional data theft methods.

According to Crypto News, in addition to extracting sensitive information, the malware captures screenshots and collects comprehensive system details, including hardware specifications, location data, and operating system information. This multifaceted approach underscores the sophistication of modern cyber threats as threat actors continually evolve their tactics.

The stolen data is transmitted to the attackers through Telegram or a command-and-control (C&C) server. Trend Micro highlights that the vulnerability stems from the absence of checks on Microsoft Defender and related prompts on Internet Shortcut (.url) files. Threat actors exploit this loophole by creating .url files, initiating the download and execution of malicious scripts, and effectively bypassing Windows Defender SmartScreen warnings and checks.

Despite the security patch released by Microsoft, Trend Micro warns that an increasing number of malware campaigns, including those distributing the Phemedrone Stealer payload, continue to exploit this security gap. The exact scale of stolen crypto or private data due to Phemedrone Stealer remains unclear.

Cybersecurity Efforts Mitigate Financial Impact

In 2023, the De.Fi REKT database recorded a concerning 455 incidents, with the largest hack amounting to $231 million, attributed to Multichain.

According to Trend Micro, despite the alarming cumulative total of $2 billion, cybersecurity experts and white hat hackers managed to recover approximately $200 million from the overall sum. This indicates that while the cyber threat landscape is evolving, concerted efforts from cybersecurity professionals contribute significantly to mitigating the financial impact of malicious activities, offering a glimmer of resilience against cyber threats.

Photo: Markus Spiske/Unsplash

TokenPost | [email protected]

<Copyright ⓒ TokenPost, unauthorized reproduction and redistribution prohibited>

Most Popular

Comment 0

Comment tips

Great article. Requesting a follow-up. Excellent analysis.

0/1000

Comment tips

Great article. Requesting a follow-up. Excellent analysis.
1