Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 2 Vote(s) - 1.5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News CookieMiner Malware Can Steal Crypto Exchange Cookies, Saved Passwords and iPhone SMS
#1
[Image: hacker-keyhole-silhouette-illustration.jpg?imwidth=450]

    A new type of malware has been discovered, nicked-named 'CookieMiner' for its ability to steal cryptocurrency exchange cookies from the browser. Also included are is its ability to steal SMS messages, and financial and personal credentials from browsers. This has all been compiled by researchers, and it leads them to believe that this deadly new malware could let an attack bypass multi-factor authentication.  

  This malware is mostly a scare for Mac users. It does have the ability to download a base64-encoded Python script that is uses to retain a connection to the victim's computer. 

  How the malware starts its attack, is that it begins with a shell script in order to steal browser cookies, and sends a copy of them to a folder on a remote server. It then proceeds to target cookies associated with various crypto-exchanges. On top of all of this, it also installs a crypto-miner that utilizes the CPU [Not the GPU] in order to mine Koto, a Zcash based cryptocurrency. 


  The researchers also stated the following: 


  CookieMiner downloads a Python script named “harmlesslittlecode.py” to extract saved login credentials and credit card information from Chrome’s local data storage. CookieMiner adopts techniques from the Google Chromium project’s code for its decryption and extraction operations and abuses them.”

  
  Above all of this, the fact that the malware is able to use browser cookies, its speculated that it may be able to bypass certain login conditions on websites,  and hence, the website would never send an alert or notification that there had been suspicious logins by a user. 

  There has been no mode of entry that has been identified, but researchers involved in the matter stated that all users of a crypto wallet and/or exchange should keep a close eye on their wallets.

  
    Original article can be found here.


     That was  the news folks, have a good week, and stay safe out there.



     ---Mad-Architect
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 59 09-18-2020, 08:12 AM
Last Post: News
Smile News Critical Vulnerability In Bisq Crypto Exchange Exploited For Some Users Mr.Kurd 0 347 04-10-2020, 02:46 PM
Last Post: Mr.Kurd
Shocked News Dark_nexus botnet outstrips other malware with new, potent features Mr.Kurd 0 399 04-08-2020, 08:52 AM
Last Post: Mr.Kurd
Star News Microsoft Edge Now Alerts Users Of Breached Passwords Mr.Kurd 0 388 04-03-2020, 08:09 AM
Last Post: Mr.Kurd
Exclamation News Hackers Deliver LimeRAT Malware Using Password Protected Excel Spreadsheet’s Mr.Kurd 0 378 04-01-2020, 11:17 AM
Last Post: Mr.Kurd
Rainbow News Tekya Clicker Malware Hides in 56 Apps that Downloaded 1 Million Times on GooglePlay Mr.Kurd 0 332 03-27-2020, 11:47 AM
Last Post: Mr.Kurd
Question News New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts Mr.Kurd 0 316 03-13-2020, 11:15 AM
Last Post: Mr.Kurd
Wink News Hackers Hijack Windows 10 RDP ActiveX Control To Download TrickBot Malware Mr.Kurd 0 368 03-01-2020, 03:32 PM
Last Post: Mr.Kurd
Wink News Raccoon malware affects all browsers Mr.Kurd 0 319 02-29-2020, 07:29 AM
Last Post: Mr.Kurd
Big Grin News Google’s Chrome 80 clamps down on cookies and notification spam Mr.Kurd 0 494 02-06-2020, 01:55 PM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)