Cryptocurrency Enthusiasts Targeted in Multi-Vector Supply Chain Attack
Nov. 4, 2024, 12:02 p.m.
Description
A sophisticated malware campaign targeting cryptocurrency enthusiasts has been uncovered, utilizing multiple attack vectors including a malicious Python package on PyPI and deceptive GitHub repositories. The multi-stage malware, disguised as cryptocurrency trading tools, aims to steal sensitive data and drain crypto wallets. It employs a deceptive GUI to distract users while performing malicious activities in the background. The attack flow involves an initial infection through the PyPI package, followed by a multi-stage process using a fake website to deliver secondary payloads. The malware conducts extensive data theft, targeting cryptocurrency wallet data, browser information, and sensitive system files. The attacker uses multiple platforms to distribute the malware and engages with potential victims through a Telegram channel.
Date
Published: Nov. 4, 2024, 11:49 a.m.
Created: Nov. 4, 2024, 11:49 a.m.
Modified: Nov. 4, 2024, 12:02 p.m.
Attack Patterns
CryptoAITools
T1102.002
T1059.006
T1132.001
T1036.004
T1074.001
T1119
T1074
T1555.003
T1553.005
T1547.001
T1555
T1071.001
T1036.005
T1005
T1573
T1071
T1102
T1036
T1132
T1056
T1059
Additional Information
Technology
Finance