If you watch YouTube, beware of this crypto-stealing malware

A new malware is spreading through YouTube intends to steal data from 30 different crypto wallets and browser extensions.
A new malware is spreading through YouTube intends to steal data from 30 different crypto wallets and browser extensions.

🌟 Join the Revolution! 🌟 DeeStream Presale Stage One is NOW LIVE!

A new type of cryptocurrency malware is spreading through YouTube, luring users into downloading programs that are intended to steal data from 30 different crypto wallets and browser extensions. The malware called “PennyWise”—likely named after the monster in the horror novel “It”—had been tracked since May, according to a blog post by cyber intelligence firm Cyble. The blog post stated:

“Our investigation indicates that the stealer is an emerging threat.”

According to the report, the attacker can currently target over 30 browsers as well as bitcoin applications like cold wallets, browser extensions, etc.

🎬 The Future is Streaming, and it’s Decentralized! 🎬 DeeStream’s Presale Stage One is OPEN!

💰 Exclusive Presale Tokens Available - Invest in the Future of Streaming!

Chromium and Mozilla browser data, including login information and Bitcoin extension data, were reportedly stolen from the victim’s PC. The attacker can also use social media applications like Discord and Telegram to steal sessions and take screenshots.

In addition, Cyble reveals that the malware targets cold crypto-wallets that support Zcash and Ethereum by scanning the directory for wallet files and transmitting copies of those files to the attackers. These wallets include Armory, Bytecoin, Jaxx, Exodus, Electrum, Atomic Wallet, Guarda, and Coinomi.

How does malware use YouTube?

The cybersecurity company explained that the attacker is entering into systems by spreading malware via YouTube mining education videos that share so-called free Bitcoin mining software in their description boxes. The “Threat Actors,” produce videos in which they direct viewers to click the link in the description and download the free software while simultaneously enticing them to turn off their antivirus programs, which makes it possible for the malware to operate successfully. 

As of June 30, according to Cyble, the attacker had up to 80 videos on their YouTube channel; however, the detected channel has since been deleted.

Cybercrimes in the crypto world have become very common due to the lack of clear regulatory structures and decentralized nature. In February this year, as TheCooinRise reported, crypto exchange giant Binance joined the NCFTA or National Cyber-Forensics and Training Alliance to help combat cybercrime. 

Moreover, the blockchain analysis company Chainalysis in January also talked about a low-profile malware that was stealing millions at the time.

👉 [Visit DeeStream.com/Presale]