
YouTube BitCoin Videos Pushing Predator Info-Stealing Trojan


A new scam is underway on YouTube that uses videos to promote a tool that can allegedly generate the private key for a bitcoin address. The attackers claim this key would allow you to gain access to the bitcoins stored in that address. In reality, victims are infected with a password and data-stealing Trojan.

This campaign was discovered by security researcher Frost, who routinely monitors YouTube videos for cryptocurrency scams that lead to malware. In this particular case, the malware is the Predator the Thief information-stealing Trojan.

In this scam, the attacker uploads videos that promote a fake bitcoin address private key generator that can supposedly be used to steal other people’s bitcoins.

Uploaded Videos

The video’s description also contains links to download the trojanized program from Yandex, Google Drive, and Mega.

Video Promoting Trojan

The file being offered is called Crypto World.zip. When extracted, it contains a setup.exe file, which includes a password-protected ZIP file containing the Predator the Thief executable. This setup.exe file currently has 1/71 detections on VirusTotal.

CryptoWorld.zip files

This setup.exe program is a Trojan that will unzip a file to the .\language\templates\temp folder as license.exe.

Extracting Predator the Thief installer

The license.exe file will then be executed and the Predator the Thief information stealing Trojan will be installed and executed on the computer.
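The chain described above (setup.exe extracting license.exe into the drop folder and then running it) can be hunted for in process-creation telemetry. The following is an added example, not code from the article or the researcher; the event field names and sample events are constructed, the folder name is matched with path separators ignored, and the leading "." in the path is assumed to mean the installer's own directory.

```python
import ntpath

DROPPER = "setup.exe"               # installer name given in the article
PAYLOAD = "license.exe"             # extracted payload name given in the article
DROP_DIR = "languagetemplatestemp"  # drop folder from the article, separators ignored

# Constructed sample events; the field names are hypothetical, modelled on
# process-creation telemetry such as Sysmon Event ID 1.
SAMPLE_EVENTS = [
    {"host": "WS-01",
     "parent_image": r"C:\Users\amy\Downloads\Crypto World\setup.exe",
     "image": r"C:\Users\amy\Downloads\Crypto World\language\templates\temp\license.exe"},
    {"host": "WS-02",  # ordinary installer launching an unrelated license.exe
     "parent_image": r"C:\Installers\setup.exe",
     "image": r"C:\Program Files\Vendor\license.exe"},
    {"host": "WS-03",  # payload started later by something other than the dropper
     "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Users\bob\Desktop\language\templates\temp\license.exe"},
]

def split_image(path):
    """Return (directory, file name) of a Windows path, lower-cased."""
    directory, name = ntpath.split(ntpath.normpath(path))
    return directory.lower(), name.lower()

def classify(event):
    """Return 'chain', 'payload-path' or None for one process-creation event."""
    parent_dir, parent_name = split_image(event["parent_image"])
    child_dir, child_name = split_image(event["image"])
    # The payload must be named license.exe and sit in the drop folder.
    in_drop_dir = child_dir.replace("\\", "").endswith(DROP_DIR)
    if child_name != PAYLOAD or not in_drop_dir:
        return None
    # Full chain: setup.exe launched it from a folder below its own directory.
    if parent_name == DROPPER and child_dir.startswith(parent_dir + "\\"):
        return "chain"
    return "payload-path"

def hunt(events):
    """Return (host, verdict) pairs for every event that matches."""
    hits = []
    for event in events:
        verdict = classify(event)
        if verdict:
            hits.append((event["host"], verdict))
    return hits

if __name__ == "__main__":
    for host, verdict in hunt(SAMPLE_EVENTS):
        print(host, verdict)
```

File and folder names are easy for the malware's operators to change, so a hit is a triage lead for this specific campaign rather than a general Predator the Thief signature.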

Once running, Predator the Thief will communicate with the malware’s command and control server to download further components and other malware, and to send information back to the attackers.

Predator Network Traffic

This Trojan can steal a variety of information and passwords from a computer. Its capabilities include copying the victim’s clipboard, recording from the webcam, and stealing files from the victim.

According to Kaspersky, Predator the Thief v3 has the following features; the version used in this campaign may be newer.

Location: Data stolen
Games: Osu, Battle.net
FTP: WinSCP
VPN: NordVPN
2FA: Authy
Messengers: Pidgin, Skype
Operating System: Webcam, HWID, Clipboard, Specific document files (Grabber), Project filenames*
Browsers: IE/Edge

If you have been infected with this Trojan, you should immediately change all passwords for your financial accounts, web sites, chat services such as Discord, and gaming services such as Steam and Battle.net. 

As always, you should use a password manager to create unique and strong passwords for every account you use, and never download programs off of YouTube, especially ones that claim to generate free money or cryptocurrency.


