You’re probably familiar with an old saying that goes, “there’s no such thing as a free lunch.” Well, you should update it as “there’s no such thing as free cryptocurrency” and act accordingly because we’re seeing several websites offering software downloads that supposedly deliver free digital assets to their users. What they really get instead is malware.
The scam works on two levels.
In the first level, a website will offer free Ethereum tokens (ETH) to users as rewards for referrals of other new navigators that come to the websites in question and adopt the scam as well. You’re supposed to get three ETH for every 1.000 visitors. That’s almost USD 800,00 in the current market, which is an exceedingly high reward as this kind of things go. It’s just a lure, of course, that’s how unsuspecting users are persuaded to bring more people about.
But the real deal (which in this case means the real problem) comes at the second level.
Once a potential victim arrives into one of the dodgy websites, they are offered to be awarded from USD 15 to SUD 45 in free Bitcoins daily. All they have to do to get those coins is to download a piece of software called “Bitcoin Collector,” which is supposed to “generate” BTC for free. That’s not what this program does, of course.
Beware of g[r]eeks bearing gifts
So the “Bitcoin Collector” gets downloaded, the user extracts and, in so doing, a bunch of files are created. Chief among them is “BotCollector.exe” which will run “Freebitco.in – Bot”.
The recently installed software won’t get users any BTC. It will download and install malware software into the victim’s computer instead.
A Twitter user known as Frost is a malware researcher who’s warned people about the scam. According to him, the malware evolves in two different ways. “BotCollector.exe” initially launched a piece of ransomware called “Marozka Tear Ransomware.”
In a ransomware attack, a computer’s files are encrypted by the malware. Then the owner gets a digital ransom note, in a text file usually warning them that if they don’t get in contact with the hacker team to agree on a payment mechanism, all the data will be lost or will remain inaccessible.
The ransomware aspect is not as severe as it used to be because nowadays a user can get the HiddenTear Decrypter utility, which will decrypt the affected files without the need for any payment. So the hackers have adapted to the new reality, and now, it installs a Trojan Horse that steals information from the victimized computer.
Frost identifies the Trojan as Baldr, and it can steal files, get your browsing history, take screenshots, and even get your logins as passwords for all the accounts you use in your browser or the applications you run in the infected computer.
If you’ve been around those websites and tried out the “Bitcoin Collector” thing, you should run a good antivirus and malware scan as soon as you can, change all your passwords, and improve your security all around. Most importantly, keep in mind that nobody is likely to give you any cryptocurrency away for free or any more than fiat currency you give them. Act accordingly.
Disclaimer: Please do your ‘very own’ market research before making any investment in cryptocurrencies. Neither the writer nor the publication (TronWeekly.com) holds any responsibility for your financial loss.