Cyber security firm Cyble warned people through a blog post about a newly developed crypto stealer malware called “Pennywise”, which is dispersing through Youtube.
According to the release, the malware is designed to target more than 30 crypto browsers and cryptocurrency applications including cold crypto wallets, crypto-browser extensions, and others.
The malware is prepared through an anonymous cyber attacker and owing to it “makes the debugging process tedious”. Furthermore, it uses multithreading to dig into user data with a faster execution process.
Cyble identified that the perpetrator is spreading the malware through Youtube videos via “free Bitcoin mining software” links. The link tricks users to download the malware hosted inside the file, which also disables antivirus present on devices.
According to the report, the perpetrator has uploaded over 80 videos on its YouTube channel to aim for mass infection. Unfortunately, there are some victims who have clicked on these malware masked links and downloaded them on their devices.
Also Read: Hackers Attack Crypto Wallets Through Telegram using Echelon Malware
The malware delivers inside data access to Chromium and Mozilla browser information, including cryptocurrency extension data and login data. Furthermore, it can directly empower the attacker to take screenshots of infected devices’ displays, or more dangerously it can hand over the social media chat from applications such as Discord and Telegram.
Possibly, the origin of the malware could be from Russia, Ukraine, Belarus, or Kazakhstan as it is designed to exclude the crypto holders belonging to these four countries.
Cyble stated that it is expecting a similar kind of malware attack in the near future by citing rapidly growing cyber attacks in the crypto space.
