Skip to main content

Nasty malware targets cryptocurrency wallets — your Ethereum is at risk

Cryptocurrency
(Image credit: Snappa)

Threat analysts have discovered a new info-stealing malware that targets cryptocurrency wallets including Ethereum, along with other popular platforms such as NordVPN, Telegram, Discord and Steam.

Cybersecurity company Trend Micro spotted (opens in new tab) the malware, named Panda Stealer, in early April, and it has already affected countries including the United States, Australia, Japan, and Germany during a spam wave. Yikes. 

As noted in the post (via BGR), the malware spreads via spam emails that mimic business quote requests containing an Excel file with the Panda Stealer loader hidden within. Once opened, the malware gets to work.

Panda Stealer targets an unsuspecting victim's cryptocurrency wallets, including private keys and information regarding past transactions. This information can access different digital wallets including Dash, Bytecoin, Litecoin, and Ethereum.

Unfortunately, threat analysts have also stated it can steal credentials on other privacy-heavy apps, including VPN services such as Nord VPN and messaging apps such as Telegram and Discord.

What's more, it also has the ability to take screenshots of a victim's PC, and exfiltrating data from browsers like cookies, passwords, and cards. During the investigation, Trend Micro found more than 14 users had already been affected by the malware.

With many cryptocurrencies seeing record-breaking spikes lately, including Dogecoin, SafeMoon, and Ethereum Classic, malicious actors take this as their chance to spot vulnerabilities and swipe valuable digital wallets from unsuspecting victims. A recent M1 MacBook malware was all about stealing a user's cryptocurrency information. 

While it's always a good idea to stay clear of suspicious emails, users are still open to attacks. Trend Micro has provided a list of files, domains, and IP addresses that were found during its investigation. For a further breakdown of Panda Stealer and what to look out for, check out the post (opens in new tab)

Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.