Beware: Microsoft detects a sharp spike in info-stealing malware attacking crypto wallets

It should come as no surprise that a noticeable increase in the number of threats and attacks that target or leverage cryptocurrencies has coincided with the sharp surge in the market capitalization of cryptocurrencies.

In particular, Microsoft (NASDAQ: MSFT) researchers are seeing an increase in related malware and techniques, as well as a new threat called ‘Cryware,’ according to a new security blog post published by the company on May 17. 

Cryware is a kind of data stealer that targets non-custodial crypto wallets (hot wallets). Since hot wallets, in contrast to cold wallets, are kept locally on a device and give simpler access to the cryptographic keys that are required to complete transactions, an increasing number of threats are focusing their attention on them.

Berman Enconado and Laurie Kirk from the Microsoft 365 Defender Analysis Workforce stated in the report:

“With the growing popularity of cryptocurrency, the impact of cryware threats have become more significant. We’ve already observed campaigns that previously deployed ransomware now using cryware to steal cryptocurrency funds directly from a targeted device.”

2021 cryware distribution. Source: Microsoft

The role of crypto in attacks has changed

Before cryware emerged, the role cryptocurrencies played in an attack, and the stage of the attack at which they were involved, varied with the attacker's overall goal. For example, several ransomware attacks favor cryptocurrency as the form of ransom payment.

In such a case, however, the target user has to carry out the transfer themselves. Cryptojackers, one of the most common types of malware connected to cryptocurrencies, do attempt to mine crypto on their own, but the success of that strategy depends heavily on the resources and capabilities of the targeted system.

Cryware allows attackers to instantly move the target's cryptocurrency to their own wallets after gaining access to their hot wallet data. Blockchain transactions are final even if performed without a user's consent or knowledge. Unlike credit cards and other financial transactions, there is no mechanism to reverse fraudulent crypto transactions or to protect consumers against them.

Cryware automates the search for hot wallet data such as private keys, seed phrases, and wallet addresses by using regular expressions (regexes) that match their patterns. Clipping and switching, memory dumping, phishing, and scams are all methods used to acquire wallet information.
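Because this kind of secret is findable by shape alone, the same pattern matching works as a self-audit for wallet secrets left in plaintext notes or config files. The sketch below is an added example, not code from Microsoft's report: the patterns, the function names and the sample text are assumptions made for illustration, and it goes one step beyond the text by checking the Base58Check checksum of WIF-shaped strings to cut false positives.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Shape-only patterns: assumptions for this example, not Microsoft's published regexes.
PATTERNS = {
    "hex-private-key": re.compile(r"\b(?:0x)?[0-9a-fA-F]{64}\b"),  # also matches SHA-256 hashes
    "wif-private-key": re.compile(r"\b[5KL][1-9A-HJ-NP-Za-km-z]{50,51}\b"),
    "seed-phrase": re.compile(r"\b(?:[a-z]{3,8} ){11}(?:(?:[a-z]{3,8} ){12})?[a-z]{3,8}\b"),
}

def checksum(payload: bytes) -> bytes:  # first 4 bytes of double SHA-256
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def wif_encode(key32: bytes) -> str:
    """Build a mainnet WIF string (used here only to construct sample data)."""
    raw, out = b"\x80" + key32, ""
    n = int.from_bytes(raw + checksum(raw), "big")
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return out

def wif_valid(s: str) -> bool:
    """True if s decodes as Base58Check with the WIF version byte 0x80."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) in (37, 38) and raw[0] == 0x80 and checksum(raw[:-4]) == raw[-4:]

def audit(text: str) -> list[tuple[int, str]]:
    """Return (line_number, kind) per likely secret; values are never echoed.
    A WIF-shaped match is reported only if its checksum verifies."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, rx in PATTERNS.items():
            for m in rx.finditer(line):
                if kind != "wif-private-key" or wif_valid(m.group()):
                    findings.append((lineno, kind))
    return findings

# Constructed sample: a notes file with wallet secrets left in plaintext.
SAMPLE = "\n".join([
    "backup: " + wif_encode(bytes(range(1, 33))),
    "eth key 0x" + "ab" * 32,
    "seed: " + " ".join(["apple", "river", "stone"] * 4),
    "typo key 5" + "1" * 50,  # WIF-shaped but fails the checksum, so not reported
])

print(audit(SAMPLE))
```

The seed-phrase pattern is a heuristic for 12 or 24 short lowercase words and will also flag ordinary sentences of that shape, so findings are candidates for review rather than confirmed secrets.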
