Chisel Malware: Targeting Crypto Wallets and Beyond
A recent report by the U.K. government on Sept. 1 revealed new malware called “Infamous Chisel” that targets crypto wallets and numerous Android apps.
The U.K.’s National Cyber Security Centre (NCSC) detailed that this malware searches through directories on compromised devices to extract data. It has successfully targeted three prominent cryptocurrency wallets, namely Binance App, Coinbase Wallet, and Trust Wallet. Additionally, the Brave and Opera browsers, which possess cryptocurrency functionalities, have also been compromised.
Yet the malware doesn't stop at crypto apps. Its extensive reach puts apps like PayPal, Dropbox, Firefox, Telegram, Skype, WhatsApp, Discord, Viber, and Google Chrome at risk: it scans a total of 35 application directories, including certain Android system directories.
While the NCSC report didn't confirm whether the malware has led to actual cryptocurrency thefts, it's crucial to note that not all of the stolen data would necessarily give attackers full control over crypto accounts.
The plot thickens with the association of Infamous Chisel to Russia's Sandworm, a notorious, state-backed hacker group connected to Russia’s military intelligence service, GRU. Known for a significant ransomware assault on Ukraine in November 2022 and other previous attacks, Sandworm has now utilized Infamous Chisel to siphon information linked to the Ukrainian military, with no reported profit intentions.
This threat hasn't gone unnoticed. International cybersecurity entities across the U.S., U.K., New Zealand, Canada, and Australia have all acknowledged the peril posed by Infamous Chisel.