Bold! New “shameless” crypto malware puzzles security experts

  • There is a new malware product designed to steal cryptocurrencies, and in a surprising twist, it is simply marketed as the best way to make money in 2021.
  • Unlike most malware, which is camouflaged for legal reasons, the latest product has perplexed experts with the boldness of its creators.

A malware product that went on the market in 2020 seems to have evolved into what security experts have described as a “shameless” product. The malware is called WeSteal, and it does exactly what its name suggests. Its creators, who are selling it in underground forums, have been frank about what it does and how it does it.

It has been revealed that the product was sold in 2020 by a developer going by the name WeSupply. Recently, the product has resurfaced, this time sold by an author called ComplexCodes. On underground platforms, it is advertised as the most advanced cryptocurrency stealer. WeSteal offers unique features such as automatic start, antivirus software circumvention, and a victim tracker panel.

The advertiser highlights,

“It steals all Bitcoin (BTC) and Ethereum (ETH) coming in and out of a victim’s wallet through the clipboard, it also has plenty of features like the GUI/Panel which is just like a RAT [Remote Access Trojan],”

The features clearly reveal the objective of the software, which has surprised Palo Alto Networks researchers. The experts have taken a hard look at what the new malware means for the crypto community.

How WeSteal works

According to Palo Alto Networks researchers, the stealer looks for strings that match the patterns of Bitcoin and Ethereum wallet addresses, mostly ones copied to a victim’s clipboard. Once these are identified, the software replaces them with attacker-controlled wallet addresses. As a result, all outgoing and incoming transactions end up in the attacker’s wallet.
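The swap described above leaves a recognisable trace: one address-shaped clipboard value replaced by a different one of the same coin faster than a person could re-copy it. The following detection sketch is an added example, not code from the article or from Palo Alto Networks; it assumes a hypothetical endpoint agent already records timestamped clipboard values, and the 2-second window and all sample values are constructed.

```python
import re

# Address shapes for the two coins the article names (shape only, no checksum validation).
ADDRESS_SHAPES = {
    "BTC": re.compile(r"^(?:[13][a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[02-9ac-hj-np-z]{11,71})$"),
    "ETH": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def classify(text):
    """Return the coin whose address shape the clipboard text matches, else None."""
    value = text.strip()
    for coin, shape in ADDRESS_SHAPES.items():
        if shape.match(value):
            return coin
    return None

def find_swaps(events, window=2.0):
    """events: list of (timestamp_seconds, clipboard_text), oldest first.
    Flags an address replaced by a different address of the same coin
    within `window` seconds (assumed threshold; tune per environment)."""
    alerts = []
    for (t0, before), (t1, after) in zip(events, events[1:]):
        coin = classify(before)
        same_coin = coin is not None and coin == classify(after)
        if same_coin and before.strip() != after.strip() and t1 - t0 <= window:
            alerts.append({
                "coin": coin,
                "copied": before.strip(),
                "replaced_by": after.strip(),
                "delay": round(t1 - t0, 3),
            })
    return alerts

# Constructed sample telemetry: placeholder addresses, not real wallets.
BTC_A, BTC_B = "1" + "A" * 33, "1" + "B" * 33
ETH_A, ETH_B = "0x" + "a" * 40, "0x" + "b" * 40
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, BTC_A),    # user copies a payee address
    (10.4, BTC_B),    # replaced 0.4 s later: flagged
    (60.0, ETH_A),
    (95.0, ETH_B),    # 35 s later: consistent with the user copying another address
    (120.0, "hello"),
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The same comparison works as a manual check: compare the pasted address against the source character by character before sending.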

The researchers have been surprised by the author's bold decision to identify with the product. He faces criminal charges for what is a small profit, they added. The author is said to be charging €20 ($24) for a month, €50 ($60) for three months and €125 ($151) for one year.

In its aim to prove its legitimacy, the Python-based malware has gone as far as to show ‘customer’ transactions. These are samples of wallets of users who bought the product and successfully stole some Bitcoin or Ethereum. But according to the researchers, the amounts were relatively small and could be forged.

In the course of the researchers’ investigation, there were a number of updates. For one, the authors have included a number of other popular cryptocurrencies: Litecoin, Bitcoin Cash and Monero. Furthermore, “actors have incorporated the C2-as-a-service model of WeSteal into this RAT as well”, the blog reads.

Despite billions being invested in the cybersecurity industry, the number of rogue elements taking advantage of innocent crypto adopters keeps growing, and with each takedown another one crops up. Of course, as crypto becomes more mainstream, investors have learnt a number of ways to protect themselves from theft. One of the most popular means is keeping cryptocurrencies in an offline hard wallet. This gives online hackers zero chance of getting to the cryptocurrencies.

About Author

John Kiguru is an astute writer with a great love for cryptocurrency and its underlying technology. All day he is exploring new digital innovations to bring his audience the latest developments.
