Kaspersky, a Russia-based multinational cybersecurity and antivirus provider, has discovered that hackers are using the Satacom downloader to install harmful extensions on the Google Chrome, Brave, and Opera browsers. The installed extension helps hackers or scammers steal cryptocurrencies from users.
According to available data, the Satacom downloader, which was developed back in 2019, is the first preference of hackers. The malware queries DNS to retrieve a base64-encoded URL, which it then uses to receive the next stage.
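A defender-side sketch of how the DNS technique described above could be spotted in resolver logs. This is an added example, not code from Kaspersky or this article; the log format, the use of TXT records, and every host name and address in it are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import urlparse

# Plausible base64 token: long enough to hold a URL, correct alphabet and padding.
B64_RE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")

def decode_url(txt_value):
    """Return the URL hidden in a DNS answer value, or None if it is not base64 of a URL."""
    value = txt_value.strip().strip('"')
    if len(value) % 4 or not B64_RE.match(value):
        return None
    try:
        decoded = base64.b64decode(value, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None
    parsed = urlparse(decoded)
    if parsed.scheme in ("http", "https") and parsed.netloc:
        return decoded
    return None

def scan(log_lines):
    """Return (client, qname, url) for each TXT answer that decodes to a URL.
    Assumed log format (hypothetical): "<client> <qtype> <qname> <answer>"."""
    hits = []
    for line in log_lines:
        parts = line.split(None, 3)
        if len(parts) != 4 or parts[1] != "TXT":
            continue
        client, _, qname, answer = parts
        url = decode_url(answer)
        if url:
            hits.append((client, qname, url))
    return hits

def sample_log():
    """Constructed sample data: ordinary TXT/A answers plus one base64-wrapped URL."""
    hidden = base64.b64encode(b"https://stage2.example.invalid/get").decode()
    benign = base64.b64encode(b"this is not a url").decode()
    return [
        '10.0.0.5 TXT example.org "v=spf1 include:_spf.example.org ~all"',
        f'10.0.0.7 TXT lookup.example.net "{hidden}"',
        "10.0.0.7 A www.example.com 93.184.216.34",
        f'10.0.0.9 TXT verify.example.org "{benign}"',
    ]

if __name__ == "__main__":
    for client, qname, url in scan(sample_log()):
        print(f"{client} resolved {qname}: TXT answer decodes to {url}")
```

Only the second sample line is flagged; the SPF record and the base64 text that does not decode to a URL are ignored.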
Kaspersky claims that by using the malware, hackers can secretly monitor all activities of crypto users on their web browsers. The extension offers and adds a wide variety of features and functions to the browser to lure users.
Once the malware file is downloaded, it begins its initial process of taking control of the browser: it displays a ZIP archive file and suggests downloading the file from a dummy version of the website used by the user. To lure users, the dummy websites offer the archive file as a free download.
Kaspersky pointed out that “Satacom majorly downloads numerous binaries on the victim’s operating systems.” Kaspersky added, “Recently, the team of Kaspersky observed that Satacom is using a PowerShell script that operates the installation process of the malware extension.”
According to Kaspersky's data, 30,000 users were at risk in the last two months, and bad actors were able to bypass the detection process and steal cryptocurrencies from the users of Kucoin, Coinbase, Huobi, and Bybit.
The fraudster has upgraded the extension by making major modifications and adding script changes to upgrade the control panel. A malware expert at Kaspersky noted that the enhanced extension could also target other cryptocurrencies. Although it is browser-based malware, it can access browsers on Linux, Windows, and macOS.
Growing Scam Defaming Cryptocurrencies
In a report published in April 2023, Kaspersky highlighted that an additional 40% of scams were reported in 2022. The majority of scams and frauds occur due to a lack of information and security solutions.
In Kaspersky’s 2022 survey, one in seven investors was affected by crypto scams. The antivirus provider claims that crypto is still the priority for scammers looking to quickly become wealthy by looting someone’s life savings.
Crypto phishing or crypto-related cyberattacks are executed by creating a dummy or a twin similar to the original website, providing the user with the lure of a free giveaway and misleading them to enter crucial information pertaining to their wallets on the malicious website.
Users can securely access their cryptocurrencies by avoiding clicking on any suspicious links. Scammers mostly target users using alluring emails, forcing or convincing them to provide their confidential information.
Scams and fraud can be avoided by using antivirus software and other safety solutions that safeguard machines. Keeping oneself updated on best practices online can also help to avoid scams and fraud.