Kaspersky identifies malware framework targeting crypto investors
CoinTelegraph

Kaspersky identifies malware framework targeting crypto investors

Kaspersky identifies malware framework targeting crypto investors

Cybersecurity company Kaspersky said a newly identified malware framework is targeting cryptocurrency investors through social engineering tactics and trojanized GitHub apps.

Original OkoBot infection chain. Source: Kaspersky

Separately, a new malware campaign is seeking to infiltrate the devices of Web3 developers via fake LinkedIn recruitment opportunities, according to SlowMist.

Attackers contact blockchain developers via LinkedIn, posing as Web3 recruiters. They then send fake GitHub repositories to victims, claiming they contained the minimum viable product that needed to be tried before the interview, the blockchain security company said in a Saturday report.

The workflow closely resembles a legitimate technical interview where developers pull code, install dependencies and launch a project, which makes it difficult to notice the attack, according to SlowMist.

Related: UK sentences 2 hackers tied to $115M crypto ransom scheme

The malware aims to deliver a complete โ€œremote access trojanโ€ that infects devices, enabling attackers to steal project keys, cloud credentials, or wallet extension data from these developers.

โ€œThis attack is not an isolated case,โ€ wrote SlowMist, adding that recent incidents illustrate that โ€œattackers are increasingly leveraging scenarios such as recruitment, code reviews and project collaborations to trick developers into actively running malicious repositories.โ€

The report came a day after SlowMist warned of a separate malware campaign targeting macOS users, aiming to steal their credentials and hijack their Telegram sessions to ultimately trick investors into entering their wallet recovery phrases through fake websites.

Magazine: Does Botanixโ€™s failure prove Bitcoiners donโ€™t care about DeFi?

Comments

No comments yet. Start the discussion.