We have already seen security experts warn that 2018 will be a year in which attacks against the cryptocurrency sector proliferate even further. Earlier today we covered a new piece of malware that not only mined cryptocurrency on users' hardware but also killed any other CPU-consuming process in order to keep that resource for itself.
Today we have also learned about a new piece of malware called ComboJack, which exploits an old Microsoft DirectX vulnerability and has proliferated in the United States and Japan. The malicious code arrives as a PDF file that includes a DOC file that uses the DirectX API to then download the executable onto the victim's system.
Once on the computer, ComboJack scans the user's clipboard every half second, looking for anything that resembles a cryptocurrency wallet address. If it finds an address, it replaces it with the attacker's address, much like CryptoShuffler, the malware we reported on in November, which used the clipboard in the same way.
However, unlike CryptoShuffler, this new malware works with several cryptocurrencies and is much more subtle, which makes the intrusion hard for the user to notice. Analysts at Palo Alto Networks discovered the malware and stated in their report:
This technique relies on victims not verifying the target wallet before finalizing a transaction. In 2017, CryptoShuffler was the first malware that used this tactic. Unlike CryptoShuffler, which focused on Bitcoin, ComboJack points to a range of cryptocurrencies that includes Litecoin, Monero, Ethereum and Bitcoin.
Because the spread of this type of malware depends on users being unaware of it, the surest way to avoid losing funds is to verify every wallet address after pasting it from the clipboard.
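The check described above can also be automated. The following is an added example, not code from the original post or from the Palo Alto Networks report: it flags clipboard content that changes from one wallet-shaped address to a different one of the same coin within about a second, and compares an intended address with what was actually pasted. The address patterns are heuristic shapes chosen for this example, and the clipboard snapshots are constructed sample data.

```python
import re

# Heuristic address shapes (assumptions for this example: format only,
# no checksum validation, not the matching rules used by any malware).
B58 = "1-9A-HJ-NP-Za-km-z"
SHAPES = {
    "bitcoin":  re.compile(rf"^(?:[13][{B58}]{{25,34}}|bc1[ac-hj-np-z02-9]{{11,71}})$"),
    "litecoin": re.compile(rf"^[LM][{B58}]{{26,33}}$"),
    "ethereum": re.compile(r"^0x[0-9a-fA-F]{40}$"),
    "monero":   re.compile(rf"^4[0-9AB][{B58}]{{93}}$"),
}

def classify(text):
    """Return the coin whose address shape `text` matches, or None."""
    value = text.strip()
    for coin, shape in SHAPES.items():
        if shape.match(value):
            return coin
    return None

def find_swaps(snapshots, window=1.0):
    """Flag address-to-address clipboard changes within `window` seconds.

    snapshots: list of (timestamp_seconds, clipboard_text), oldest first.
    """
    alerts = []
    for (t0, before), (t1, after) in zip(snapshots, snapshots[1:]):
        coin = classify(before)
        changed = before.strip() != after.strip()
        if coin and classify(after) == coin and changed and t1 - t0 <= window:
            alerts.append({"time": t1, "coin": coin,
                           "copied": before.strip(), "now": after.strip()})
    return alerts

def paste_matches(intended, pasted):
    """Manual check from the article: compare the full strings, not a prefix."""
    return intended.strip() == pasted.strip()

# Constructed sample data: made-up strings that only have the right shape.
SAMPLE = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "a1" * 20),   # user copies an Ethereum-shaped address
    (10.5, "0x" + "b2" * 20),   # a different address half a second later
    (60.0, "1" + "A" * 33),     # Bitcoin-shaped address, left unchanged
    (61.0, "hello"),
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print(alert)
```

A replaced address has a valid format like any other, so only a comparison against the address the user meant to send to reveals the swap.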
Very good, informative post! Upvoted and following you! Have a nice day! I'll resteem it too!
Will be posting this on Facebook for all my cryptocurrency friends : ) upstreamed and followed :)