Security breaches are on the rise as hackers constantly look for loopholes. With every passing day, their malicious attempts are becoming more sophisticated. As bitcoin and other cryptocurrencies have become popular, this space has become one of the most highly exploited industries.
Due to this, time and again, cybersecurity experts have warned that malware could be stealing Bitcoin and cryptocurrency wallet information.
In yet another alarming development, Microsoft Security Intelligence warned of the distribution of new information-stealing malware. In a tweet, it stated:
A new info-stealing malware we first saw being sold in the cybercriminal underground in June is now actively distributed in the wild. The malware is called Anubis and uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets pic.twitter.com/2Q58gpSIs0
— Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020
According to Microsoft Security Intelligence, this new malware shares a name with an unrelated family of Android banking malware. It also said that Anubis is deployed in what appear to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers.
It further tweeted,
“Microsoft Defender ATP detects the new malware as PWS:MSIL/Anubis.G!MTB. We will continue to monitor this threat for the possible expansion of these campaigns.”
The Android malware named Anubis is found in several applications on the Google Play Store and is known for stealing confidential banking credentials and “allowing its master to spy on the smartphone’s user”.
According to the security services provider Orange Cyberdefense, it remains undetected by Google because the first stage of the malware in the app is a downloader that does not contain any harmful code.
In a similar event in September 2019, cybersecurity researchers at Zscaler’s ThreatLabZ reported that malware called ‘InnfiRAT’ had the ability to perform specific tasks from an infected machine. This piece of malware is designed to access and steal personal information on a user’s computer.
Among other things, InnfiRAT can look for crypto wallet information and grab browser cookies to steal stored usernames and passwords, as well as session data using its “screenshot” functionality.