Internet infrastructure firm Juniper Networks finds new spyware that uses Telegram app to replace crypto addresses with its own.
Amerian Internet infrastructure firm Juniper Networks has found a new spyware that uses Telegram app to replace crypto addresses with its own.
Masad Clipper and Stealer
Juniper Threat Labs, a threat intelligence portal at Juniper Networks (NYSE: JNPR), discovered a new Trojan-delivered malware implementing major global messaging app Telegram to exfiltrate stolen information, according to threat research released on Sept. 26.
Reportedly circulating under the name “Masad Clipper and Stealer” on black market forums, the spyware is capable of stealing a broad list of browsing data, including usernames, passwords, credit card information.
Moreover, the malware also includes a function that replaces cryptocurrency wallets from the clipboards with the one by the attacker’s party. According to the report, the spyware’s clipping supports a number of major cryptos such as Bitcoin (BTC), Ether (ETH), XRP, Bitcoin Cash (BCH) and Litecoin (LTC), among others.
Ongoing threat signals
Specifically, the malware uses Telegram as a Command and Control (CnC) channel, which reportedly allows the malware some anonymity. This malware is written using Autoit scripts and then compiled into a Windows executable, according to the report. After being installed, Masad Stealer starts by collecting sensitive information from the system like crypto wallet addresses, credit card browser data, PC and system information.
According to Jupiter Threat Labs, Masad Stealer sends all collected information to a Telegram bot managed by the threat actor, which also sends commands to the spyware.
The security portal concluded that Masad Stealer is an active and ongoing threat Command and Control bots were still alive at the time of publication.
Meanwhile, Telegram released a wallet for its TON Blockchain’s native token Gram in the app’s alpha version for iOS on Sept. 26. On Sept. 24, Telegram announced a bug bounty competition within its new smart contract coding contest.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.