Security Warning: Bitcoin Blockchain Hijacked By A New Strain Of Malware

According to a report by Forbes, security researchers have warned that the bitcoin blockchain is under attack by a new strain of the Glupteba malware, which can use the bitcoin network to make itself resistant to attacks.

Glupteba Exploits Security Vulnerability To Shield Itself from Attacks

According to Trend Micro’s latest blog post, which details the recently discovered and previously undocumented version, this version is capable of taking over systems in order to mine Monero cryptocurrency and steal sensitive browser data such as passwords and cookies.

Analysts also confirmed that this strain of the Glupteba malware exploits a known security vulnerability in MikroTik routers to turn the target machine into a SOCKS proxy, enabling widespread spam attempts that could threaten Instagram users.

According to the report, the infection has a systematic mode of operation.

A target machine is first hit with a “malvertising attack,” which forces it to download a Glupteba “dropper.”

The dropper will flood the target with various rootkits, backdoors, and other nasties taken from GitHub. It then does the usual stuff, such as checking for antivirus programs, adding malicious firewall rules, and adding itself to defender whitelists.

Most notable, however, is that this malware utilizes Bitcoin to automatically update, ensuring it runs smoothly even if antivirus software blocks its connection to remote command and control (C&C) servers run by the attackers.

Malware Uses Electrum Bitcoin Wallet

The malware makes use of the Electrum bitcoin wallet to make, and in particular send, bitcoin transactions so that the attackers can gain access to systems.

“This technique makes it more convenient for the threat actor to replace command and control servers,” Trend Micro researchers wrote. A command and control server is the centralized computer that issues commands to an infected network of devices.
“If they lose control of a command and control server for any reason, they simply need to add a new bitcoin script and the infected machines obtain a new command and control server by decrypting the script data and reconnecting.”

Author: Dare Shonubi

Staff writer at Coingape. Certified cryptocurrency expert and Blockchain journalist covering crypto market analysis and general Blockchain adoption and development.
You can follow me on Twitter at @ShonubiDare or reach out to me at dare[at]coingape.com
