PennyWise cryptocurrency theft malware spreads via YouTube

PennyWise cryptocurrency theft malware spreads via YouTube

Are you sure your cryptocurrencies are currently well protected? A new strain of malware is currently spreading via YouTube. More than 30 different wallets and browser extensions are at risk.

Watch out for PennyWise

Cyble, a cybersecurity company, reported via a June 30 post that it has been tracking the behavior of the PennyWise malware, which has been spreading via YouTube, since May. Company officials report that the threat continues to grow. The announcement also highlights how many entities have been targeted by the hackers:

“In its current iteration, this stealer can target more than 30 cryptocurrency browsers and applications, such as cryptocurrency cold wallets, cryptocurrency extensions, etc.”

The malware is configured to take data from Chrome and Mozilla browsers, including cryptocurrency extension data and detailed login information. It also has the ability to take screenshots and infiltrate sessions of chat apps such as Discord and Telegram.

Do you own any of the following wallets? – be extra careful!

PennyWise is also proving to be a threat to a number of independent wallets, such as Armory, Bytecoin, Jaxx, Exodus, Electrum, Atomic Wallet, Guarda and Coinomi, as well as others that support Zcash (ZEC) and Ether (ETH). According to Cyble, the malware looks for wallet files in a directory and sends a copy to attackers.

The virus is spread mostly in educational videos about cryptocurrency mining. The advertised mining software, as a rule, is supposed to be free. Cyber criminals encourage viewers to visit a link in the description and download the relevant tools. Viewers are also persuaded to disable antivirus software, allowing the door to be fully opened to PennyWise.

Despite the blockades, the software continues to spread

According to Cyble representatives, the attacker had as many as 80 videos on his channel. However, after they were revealed, the account was instantly blocked. However, this does not change the fact that the malware is still spreading. This often happens through very young accounts, which often have less than 24 hours of existence. 

An interesting fact is that the software is designed in such a way that it does not cause damage to people from the territories of Russia, Ukraine, Belarus and Kazakhstan. In addition, PennyWise converts the victim’s time zone data, for the purposes of attackers, to Moscow standard time. For the company’s analysts, this information provides a potential signal about the physical source of the threat.

Disclaimer: Blockbulletin does not take accountability of investments based on the information of the website. We highly advice readers to make extensive research prior to any invest

Share this article

More news

All articles loaded
No more articles to load

Learn

Bitcoin blocks

What are Bitcoin blocks?

Bitcoin (BTC) is currently one of the most popular digital currencies in the world. How does it differ from the…
Bitcoin forks

Bitcoin forks

Bitcoin’s history, although short, is quite bumpy. The reason for this is not only the dynamic price movements or the…
Ripple

What is XRP?

XRP is one of the top cryptocurrencies on the market. A project with a long and also quite controversial history…
What is Vechain VET

What is Vechain (VET)

The next cryptocurrency we take under the microscope is VeChain (VET). We will take a look at what sets it…
what is uniswap uni

What is Uniswap (UNI)?

In the article titled “What is Binance Coin (BNB),” we illustrated an exchange that, for the purpose of its business,…
Terra LUNA

What is Terra (LUNA)?

This time we take a look at another project that dived deep into the hearts of investors. What exactly is…
What is Stellar Lumens XLM

What is Stellar Lumens (XLM)

Some projects in the cryptocurrency world, although independent, are interrelated. One example is Litecoin, commonly referred to as Bitcoin’s little…
All articles loaded
No more articles to load

Analyses

All articles loaded
No more articles to load

Latest news

All articles loaded
No more articles to load