PennyWise cryptocurrency theft malware spreads via YouTube

PennyWise cryptocurrency theft malware spreads via YouTube

Are you sure your cryptocurrencies are currently well protected? A new strain of malware is currently spreading via YouTube. More than 30 different wallets and browser extensions are at risk.

Watch out for PennyWise

Cyble, a cybersecurity company, reported via a June 30 post that it has been tracking the behavior of the PennyWise malware, which has been spreading via YouTube, since May. Company officials report that the threat continues to grow. The announcement also highlights how many entities have been targeted by the hackers:

“In its current iteration, this stealer can target more than 30 cryptocurrency browsers and applications, such as cryptocurrency cold wallets, cryptocurrency extensions, etc.”

The malware is configured to take data from Chrome and Mozilla browsers, including cryptocurrency extension data and detailed login information. It also has the ability to take screenshots and infiltrate sessions of chat apps such as Discord and Telegram.

Do you own any of the following wallets? – be extra careful!

PennyWise is also proving to be a threat to a number of independent wallets, such as Armory, Bytecoin, Jaxx, Exodus, Electrum, Atomic Wallet, Guarda and Coinomi, as well as others that support Zcash (ZEC) and Ether (ETH). According to Cyble, the malware looks for wallet files in a directory and sends a copy to attackers.

The virus is spread mostly in educational videos about cryptocurrency mining. The advertised mining software, as a rule, is supposed to be free. Cyber criminals encourage viewers to visit a link in the description and download the relevant tools. Viewers are also persuaded to disable antivirus software, allowing the door to be fully opened to PennyWise.

Despite the blockades, the software continues to spread

According to Cyble representatives, the attacker had as many as 80 videos on his channel. However, after they were revealed, the account was instantly blocked. However, this does not change the fact that the malware is still spreading. This often happens through very young accounts, which often have less than 24 hours of existence. 

An interesting fact is that the software is designed in such a way that it does not cause damage to people from the territories of Russia, Ukraine, Belarus and Kazakhstan. In addition, PennyWise converts the victim’s time zone data, for the purposes of attackers, to Moscow standard time. For the company’s analysts, this information provides a potential signal about the physical source of the threat.

Disclaimer: Blockbulletin does not take accountability of investments based on the information of the website. We highly advice readers to make extensive research prior to any invest

Share this article

More news

Ripple

Expert predicts Ripple IPO date

Wall Street financial expert Linda Jones has shared details of Ripple’s anticipated IPO date. Her analysis indicated potential dates, but the current market context and regulatory aspects…
All articles loaded
No more articles to load

Learn

Leveraged trading

Leveraged trading

The cryptocurrency market moves quite fast and offers the public the opportunity to make a lot of money in a…
XRP

How to buy XRP?

Our articles explain a lot about Ripple (XRP). This time we explain how to buy and store the XRP tokens.…
Bitcoin

How to buy Bitcoin (BTC)?

Bitcoin (BTC) is the most popular cryptocurrency in the world. In 2021, as much as 11% of Americans claimed to…
Bitcoin ETF

Bitcoin ETF

The year 2020 was the time when Bitcoin (BTC) attracted institutional interest. It became a serious subject of discourse among…
All articles loaded
No more articles to load

Analyses

All articles loaded
No more articles to load

Latest news

XRP outperforms Bitcoin and Ethereum

In the past week, XRP decisively outperformed its main rivals, Bitcoin (BTC) and Ethereum (ETH), in terms of capital flows. Moreover, it recorded an impressive…
All articles loaded
No more articles to load