Currencies32904
Market Cap$ 2.82T-0.26%
24h Spot Volume$ 24.48B+1.06%
DominanceBTC58.82%+0.01%ETH7.75%+0.23%
ETH Gas0.37 Gwei
Cryptorank
MainNewsCrypto Enthu...

Crypto Enthusiasts Targeted in Multi-Vector Malware Attack Disguised As Python-Based Trading Tool: Report


Oct, 30, 2024
2 min read
by Mehron Rokhy
for The Daily Hodl

Malware disguised as a Python-based trading bot has reportedly targeted crypto traders in a multi-vector supply chain attack.

According to a new blog post by cloud-based cybersecurity firm Checkmarx, crypto enthusiasts have been targeted by advanced malware cloaked as a suite of artificial intelligence (AI)-based crypto trading tools that aim to steal sensitive data and drain crypto wallets.

Checkmarx says the malware was distributed through code-sharing platform GitHub and PyPi (Python Package Index), a centralized location for Python packages, and targeted both Windows and Mac operating systems.

According to Checkmarx, the malware utilized deceptive graphical user interface to distract victims and a multi-stage infection process that led victims to a fake website.

“The CryptoAITools malware employs a sophisticated multi-stage infection process, leveraging a fake website to deliver its secondary payloads…

A unique aspect of this attack, compared to many malicious packages we have seen in the past, is that the CryptoAITools malware incorporates a graphical user interface (GUI) as a key component of its social engineering strategy.

This GUI appears the moment the second-stage malware is activated and presents itself as an ‘AI Bot Starter’ application. It is designed to distract users and collect sensitive information while the malware operates covertly.”

The attacker also set up a Telegram channel masquerading as the product’s tech support, further tricking users with offers of free trials.

“In the Telegram chat, the attacker employs various tactics to lure potential victims. They offer ‘bot support’ to establish credibility and trust. To entice users, they promote their GitHub repository as hosting their ‘most powerful bot,’ appealing to those seeking advanced trading tools.

The attacker then proposes an attractive offer: a free trial period followed by a monthly subscription model, making the proposition seem both risk-free and professional.”

Checkmarx says the malware had “severe” consequences on its victims, including the potential theft of their identities, browser data, sensitive computer files, and digital assets.

Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox

Check Price Action

Follow us on X, Facebook and Telegram

Surf The Daily Hodl Mix

 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Generated Image: Midjourney

The post Crypto Enthusiasts Targeted in Multi-Vector Malware Attack Disguised As Python-Based Trading Tool: Report appeared first on The Daily Hodl.

Read the article at The Daily Hodl

Read More

$4,400 Drained From Bank of America Account After Owner Is Violently Robbed of His Unlocked Phone – Now the Bank Is Refusing To Reimburse: Report

$4,400 Drained From Bank of America Account After Owner Is Violently Robbed of His Unlocked Phone – Now the Bank Is Refusing To Reimburse: Report

Bank of America is reportedly refusing to reimburse a customer whose account was drai...
Apr, 06, 2025
2 min read
by The Daily Hodl
Thousands of Americans’ Personal Information Exposed By Banking Giant Capital One, Alleges New Class Action Lawsuit

Thousands of Americans’ Personal Information Exposed By Banking Giant Capital One, Alleges New Class Action Lawsuit

A massive data breach exposed thousands of Capital One customers’ sensitive data, put...
Apr, 05, 2025
2 min read
by The Daily Hodl
MainNewsCrypto Enthu...

Crypto Enthusiasts Targeted in Multi-Vector Malware Attack Disguised As Python-Based Trading Tool: Report


Oct, 30, 2024
2 min read
by Mehron Rokhy
for The Daily Hodl

Malware disguised as a Python-based trading bot has reportedly targeted crypto traders in a multi-vector supply chain attack.

According to a new blog post by cloud-based cybersecurity firm Checkmarx, crypto enthusiasts have been targeted by advanced malware cloaked as a suite of artificial intelligence (AI)-based crypto trading tools that aim to steal sensitive data and drain crypto wallets.

Checkmarx says the malware was distributed through code-sharing platform GitHub and PyPi (Python Package Index), a centralized location for Python packages, and targeted both Windows and Mac operating systems.

According to Checkmarx, the malware utilized deceptive graphical user interface to distract victims and a multi-stage infection process that led victims to a fake website.

“The CryptoAITools malware employs a sophisticated multi-stage infection process, leveraging a fake website to deliver its secondary payloads…

A unique aspect of this attack, compared to many malicious packages we have seen in the past, is that the CryptoAITools malware incorporates a graphical user interface (GUI) as a key component of its social engineering strategy.

This GUI appears the moment the second-stage malware is activated and presents itself as an ‘AI Bot Starter’ application. It is designed to distract users and collect sensitive information while the malware operates covertly.”

The attacker also set up a Telegram channel masquerading as the product’s tech support, further tricking users with offers of free trials.

“In the Telegram chat, the attacker employs various tactics to lure potential victims. They offer ‘bot support’ to establish credibility and trust. To entice users, they promote their GitHub repository as hosting their ‘most powerful bot,’ appealing to those seeking advanced trading tools.

The attacker then proposes an attractive offer: a free trial period followed by a monthly subscription model, making the proposition seem both risk-free and professional.”

Checkmarx says the malware had “severe” consequences on its victims, including the potential theft of their identities, browser data, sensitive computer files, and digital assets.

Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox

Check Price Action

Follow us on X, Facebook and Telegram

Surf The Daily Hodl Mix

 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Generated Image: Midjourney

The post Crypto Enthusiasts Targeted in Multi-Vector Malware Attack Disguised As Python-Based Trading Tool: Report appeared first on The Daily Hodl.

Read the article at The Daily Hodl

Read More

$4,400 Drained From Bank of America Account After Owner Is Violently Robbed of His Unlocked Phone – Now the Bank Is Refusing To Reimburse: Report

$4,400 Drained From Bank of America Account After Owner Is Violently Robbed of His Unlocked Phone – Now the Bank Is Refusing To Reimburse: Report

Bank of America is reportedly refusing to reimburse a customer whose account was drai...
Apr, 06, 2025
2 min read
by The Daily Hodl
Thousands of Americans’ Personal Information Exposed By Banking Giant Capital One, Alleges New Class Action Lawsuit

Thousands of Americans’ Personal Information Exposed By Banking Giant Capital One, Alleges New Class Action Lawsuit

A massive data breach exposed thousands of Capital One customers’ sensitive data, put...
Apr, 05, 2025
2 min read
by The Daily Hodl