The world of cryptocurrencies is playful and interesting. With every rise of the Bitcoin value, more and more people are drawn into the game of selling, mining, and exchanging digital assets. However, the playground is tempting for both honest people and malicious ones. Malware focusing on stealing cryptocurrency has become routine.

One specific malware family that emphasizes how easy it can be to lose your cryptocurrency coins is called HackBoss. It’s a simple yet very effective malware that has possibly stolen over $560,000 USD from the victims so far. And it’s mainly being spread via Telegram.

Malware designed to steal cryptocurrencies falls into one of three main categories:

- Password stealers: malware focusing on stealing cryptocurrency wallets or files with passwords.
- Coinminers: malware that uses the victim’s machine’s computational power for mining cryptocurrencies.
- Keyloggers: malware that logs keystrokes to record passwords or seed phrases.

These three categories of cryptocurrency-related malware combined were the third most common type of malware seen in the wild over the past year.

Figure: Prevalence of cryptocurrency stealing malware types from 03/2020 to 03/2021

HackBoss

HackBoss is a simple cryptocurrency-stealing malware, but its monetary gain is significant. The most interesting aspect of this malware is the way it is delivered to the victims. HackBoss’ authors own a Telegram channel which they use as the main source for spreading the malware. A Telegram channel is a tool for broadcasting public messages to a large audience. Anyone can subscribe to a specific channel and get a notification on their phone with each new post. Also, only admins of the channel have the right to post, and each post shows the name of the channel as the publisher, not the name of a person.

Authors of the HackBoss malware own a channel called Hack Boss (hence the name of the malware family itself) which is promoted as a channel to provide “The best software for hackers (hack bank / dating / bitcoin)”. The software that is supposed to be published on this channel varies from bank and social site crackers to various cryptocurrency wallet and private key crackers or gift card code generators. However, although each promoted application is promised to be some hacking or cracking application, it never is. The truth is quite different - each published post contains only a cryptocurrency-stealing malware concealed as a hacking or cracking application. What is more, no application posted on this channel delivers promised behavior: all of them are fake.

The Hack Boss channel was created on November 26, 2018, and has over 2,500 subscribers so far. Authors publish an average of 7 posts per month and each post is viewed approximately 1,000 times.

The application itself does not have any of the promised behavior. It is basically just the prompted UI which can open a file directory or pop up a window, but its main and malicious functionality is triggered by a victim clicking on any button in the UI. After that, a malicious payload is decrypted and executed in the AppData\Local or AppData\Roaming directory.
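One way to hunt for the payload launch from AppData\Local or AppData\Roaming that this article describes, added here as an example and not taken from the original article: the code scans process-creation events (field names follow Sysmon Event ID 1) for an image started from those directories by a parent outside the Windows and Program Files trees. That the fake UI is the payload's parent process, the trusted-parent roots, the allowlist entry and the sample events are all assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Directories the article names as the payload's run location.
DROP_DIRS = {("appdata", "local"), ("appdata", "roaming")}
# Assumption: parents installed under these roots are not the fake application.
TRUSTED_PARENT_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
# Assumption: hypothetical site allowlist of legitimate software living in AppData.
ALLOWLIST = [("appdata", "local", "microsoft", "teams")]


def appdata_subpath(image):
    """Lower-cased path parts from 'appdata' onward, or None if outside the drop dirs."""
    parts = [p.lower() for p in PureWindowsPath(image).parts]
    for i in range(len(parts) - 2):
        if (parts[i], parts[i + 1]) in DROP_DIRS:
            return tuple(parts[i:])
    return None


def flag_events(events):
    """Return events where an untrusted parent starts a non-allowlisted AppData image."""
    findings = []
    for ev in events:
        sub = appdata_subpath(ev["Image"])
        if sub is None or any(sub[:len(a)] == a for a in ALLOWLIST):
            continue
        if ev["ParentImage"].lower().startswith(TRUSTED_PARENT_ROOTS):
            continue
        findings.append(ev)
    return findings


# Constructed sample events; field names follow Sysmon Event ID 1 (process creation).
SAMPLE_EVENTS = [
    {"UtcTime": "2021-03-01 10:00:01", "ParentImage": r"C:\Users\alice\Downloads\tool\tool.exe",
     "Image": r"C:\Users\alice\AppData\Roaming\svc\helper.exe"},
    {"UtcTime": "2021-03-01 10:05:12", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Users\alice\AppData\Local\Programs\editor\editor.exe"},
    {"UtcTime": "2021-03-01 10:07:30", "ParentImage": r"C:\Users\alice\Desktop\launcher.exe",
     "Image": r"C:\Users\alice\AppData\Local\Microsoft\Teams\current\Teams.exe"},
    {"UtcTime": "2021-03-01 10:09:44", "ParentImage": r"C:\Users\bob\Desktop\gen.exe",
     "Image": r"c:\users\bob\APPDATA\local\Temp\x.exe"},
]

if __name__ == "__main__":
    for hit in flag_events(SAMPLE_EVENTS):
        print(hit["UtcTime"], hit["ParentImage"], "->", hit["Image"])
```

Legitimate per-user installers also run from AppData, so the allowlist and trusted-parent roots need tuning against a baseline of the environment before the findings are useful as alerts.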