New BHUNT Stealer: Targeting Crypto Currency Wallets

Expert researchers detected BHUNT, a new evading cryptocurrency stealer that may steal data such as wallet contents (Bitcoin, Exodus, Atomic, Electrum, Jaxx, Ethereum, Litecoin wallets), browser passwords, and clipboard data. Bitdefender examined samples that used encrypted config scripts retrieved from accessible Pastebin domains. The samples found appear to have already been electronically signed using a certificate issued by a software company; however, the certificate doesn't fit the binaries. The cryptocurrency hacker seems to have a modular design, with the following modules being examined by the researchers: • Blackjack: wherein they take files from your wallet • Chaos-crew: enable persistence as well as download additional payload with • Sweet Bonanza: A tool that allows for harvesting passwords from compatible browsers (i.e., Firefox, Internet Explorer, Chrome, Safari, and Opera) • Golden7: steals account tokens and passwords from the clipboard in Chrome and Firefox. • Mrpropper – removes infected system artifacts Tips to follow • Installing software from untrusted sources is never a good idea. • Maintain your security program up-to-date, and never turn it off, particularly if it prevents this kind of software from being installed." BHUNT #Attacks #Cybersecurirt #News # Crypto #Wallets