New Rust-based Luca Stealer Malware Targets Web3 Crypto Wallets

A new strain of malware that targets Web3 infrastructure and crypto wallets has been detected in the wild.

The information-stealing malware, called Luca Stealer, has been spreading since it was first published on GitHub on July 3.

The malware affects Microsoft Windows operating systems, but it is written in the Rust programming language, which makes it easy to port to macOS and Linux.

Cyble Research Labs discovered the Rust-based stealer, detailing the cyber threat in a report earlier this week. It has now come to the attention of crypto security firms such as Wallet Guard.

Crypto wallets targeted

According to the researchers, Luca Stealer has already been updated three times. Several additional functions have been added, and more than 25 samples of the source code have been detected in the wild.

Its developers appear to be new actors on hacker forums who leaked the source code to build a reputation for themselves, they added.

The stealer can target multiple Chromium-based browsers, crypto wallets, chat and messenger applications, and gaming applications. Additional functionality has been built in to steal the victim's files.

It uses Telegram bots and Discord webhooks to communicate and send data back to the attackers. It targets the Windows AppData folder, looking for the presence of a "logsxc" folder. If the folder is not present, the stealer creates it with hidden attributes to save the stolen data. It can also modify the clipboard to try to steal crypto by replacing wallet addresses with its own.
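A defender-side check for the staging folder described above, as an added example that is not part of the original article: it walks a user's AppData tree for a directory named "logsxc" and reports whether the Windows hidden attribute is set. The search depth and the function names are assumptions; the article gives only the folder name and that it sits under AppData.

```python
import os
import stat
from pathlib import Path

STAGING_DIR_NAME = "logsxc"  # folder name reported in the article
MAX_DEPTH = 3                # assumption: how far below AppData to search


def is_hidden(path):
    """True if the Windows 'hidden' attribute is set (always False elsewhere)."""
    try:
        attrs = getattr(os.stat(path), "st_file_attributes", 0)
    except OSError:
        return False
    return bool(attrs & getattr(stat, "FILE_ATTRIBUTE_HIDDEN", 0x2))


def find_staging_dirs(appdata_root, max_depth=MAX_DEPTH):
    """Return [(path, hidden)] for each 'logsxc' directory within max_depth levels."""
    root = Path(appdata_root)
    hits = []
    for dirpath, dirnames, _ in os.walk(root, onerror=lambda err: None):
        depth = len(Path(dirpath).relative_to(root).parts)
        if depth >= max_depth:
            dirnames[:] = []  # children would be too deep: stop descending
            continue
        for name in list(dirnames):
            # Windows paths are case-insensitive, so compare in lower case.
            if name.lower() == STAGING_DIR_NAME:
                hit = Path(dirpath) / name
                hits.append((hit, is_hidden(hit)))
                dirnames.remove(name)  # do not read the staged data itself
    return hits


if __name__ == "__main__":
    profile = os.environ.get("USERPROFILE")  # set on Windows only
    if profile:
        for path, hidden in find_staging_dirs(Path(profile) / "AppData"):
            print(f"possible stealer staging folder: {path} (hidden={hidden})")
```

A hit is a lead for triage, not proof of infection; the hidden flag matches the behaviour the article describes and raises the priority of the finding.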

Luca Stealer targets ten cold crypto wallets, including AtomicWallet, JaxxWallet, and Exodus, and has the paths to them hardcoded in its source code. It can also target the browser extensions of password managers and crypto wallets for more than 20 browsers.

Rust is growing in popularity among cybercriminals because it can be used to write malware faster and more efficiently than traditional programming languages.

How to protect yourself and your wallet

Windows machines can be infected by downloading suspicious email attachments, installing dodgy browser extensions, or clicking spurious social media links to malware sites.

Malware is usually spread through phishing and social engineering attacks on social media. Victims are lured into clicking something malicious that is sent to them or posted in a fake crypto ad on Facebook or Twitter, for example.

The researchers recommended not downloading files from untrusted sources. They also suggested clearing browser caches and changing passwords frequently, in addition to having up-to-date and robust antivirus and anti-malware software.

Manual removal is possible, but it requires advanced knowledge of the Windows registry and file system. Leading internet security suites and antivirus software are a better option.


Source: https://beincrypto.com/new-rust-based-luca-stealer-malware-targets-web3-crypto-wallets/