Michael Gorelik Named a Finalist for Top 10 Cybersecurity Expert Award by Cyber Defense Magazine prweb.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from prweb.com Daily Mail and Mail on Sunday newspapers.
07 May 2021, 09:05 pm
A new malware called Panda Stealer has been discovered and this time, it targets Cryptocurrencies like Bitcoin and Ethereum via clickable links that act as Trojan horses and installs it in one s computer. These links are distributed via Discord chat rooms and e-mail, which resembles a phishing scam or a clickbait tactic by threat actors.
(Photo : Screenshot From Commons.Wikipedia.org)
Instead of an elaborate attack by hacking into crypto wallets that are found online, the new generation of hackers is now using malware to bypass the security of cryptocurrencies. What they do is to hack a user s computer instead and it would then grant them access to a crypto wallet without the need to bypass the blockchain security.
What you need to know
A piece of malware known as Panda Stealer is being used to steal cryptocurrency.
Panda Stealer can spread through emails and malicious Discord links.
It can be used to steal Dash, Bytecoin, Litecoin, and Ethereum.
A new piece of malware dubbed Panda Stealer is spreading its way across the web. Panda Stealer can be utilized to steal cryptocurrency, including Dash, Bytecoin, Litecoin, and Ethereum. First reported on by Trend Micro, the Panda Stealer malware spread around the web through spam emails.
Two infection chains have been identified. One chain contains an XLSM attachment that contains macros that downloads a loader, which executes the stealing process. The second chain utilizes an XLS file that has an Excel formula that uses a PowerShell command. This command uses a Pastebin alternative called paste.ee to get a second encrypted PowerShell command.
Get Permission
Researchers at Trend Micro have uncovered a new cryptocurrency stealer variant that uses a fileless approach in its global spam email distribution campaign to evade detection.
The gang behind the malware, dubbed Panda Stealer, starts with emails that appear to be business quote requests to entice recipients to open malicious Excel files, Trend Micro says.
Researchers found that the malware, a modification of Collector Stealer, has targeted victims in the United States, Australia, Japan and Germany.
Infection Chains
Trend Micro identified two infection chains. One uses an .XLSM attachment that contains macros that download a loader, which then downloads and executes the main stealer.
Panda Stealer Targets Crypto Wallets
A new information stealer is going after cryptocurrency wallets and credentials for applications including NordVPN, Telegram, Discord, and Steam.
Panda Stealer uses spam emails and the same hard-to-detect fileless distribution method deployed by a recent Phobos ransomware campaign discovered by Morphisec.
The attack campaign appears to be primarily targeting users in Australia, Germany, Japan, and the United States.
Panda Stealer was discovered by Trend Micro at the start of April. Threat researchers have identified two infection chains being used by the campaign.
They said: In one, an .XLSM attachment contains macros that download a loader. Then, the loader downloads and executes the main stealer.