New phishing Exodus campaign targets Chinese crypto investors

by

Crypto users are being targeted in a fresh phishing scheme discovered by cybersecurity experts. In this scam, the criminals use FatalRAT, Clipper, and Keylogger malware together. This means that those who fall for the phishing attempt will have their computers infected with all three types of malware.

Cyble Research and Intelligence Labs have discovered a new phishing scheme aimed at Chinese cryptocurrency investors and businesses, particularly those utilizing the Exodus digital wallet.

Cybersecurity specialists discovered in a blog post that crooks have created a deceptive site, disguised as the Exodus crypto wallet, to lure users into unwittingly disclosing their private info.

Unsuspecting users are tricked into downloading a deceptive software, believing it to be legitimate Exodus installers from a fraudulent website. In reality, they unwittingly install FatalRAT, malware that enables hackers to take command of their computers from afar. The program further deceives users by initiating the Exodus installation process, giving them a false sense of security, while secretively executing its malicious intentions.

Cyble points out that the Exodus installation process includes the deployment of harmful programs like Clipper and Keylogger. These tools are designed to monitor and manipulate clipboard data on an affected computer. Notably, the hackers have used innovative .dll side-loading methods in this attack, helping them bypass security measures and detection systems. Although the size of the assault remains uncertain, it seems that Chinese crypto investors and businesses with Chinese software installers are the primary targets.

Read More

2024-04-15 11:07