PennyWise, A Crypto-Stealing Malware, is Targeting Crypto Wallets Via YouTube

A new threat has been discovered for cryptocurrency users searching YouTube for Bitcoin mining software. According to a report, the video platform is being used to propagate crypto-malware.

This cryptocurrency malware, “PennyWise,” deceives victims into downloading apps that can steal data from 30 crypto wallets and browser extensions.

Key Highlights:

  • A cryptocurrency malware called “PennyWise” deceives users into downloading software and steals their personal data.
  • In an article, Cyble stated, “Our investigation indicates that the stealer is an emerging threat.”
  • The attacker’s channel contained 80 videos as of June 30; the channel has since been identified and removed.

The malware known as “PennyWise”—likely named after the character in Stephen King’s horror novel “It”—had been tracked since May, according to a blog post by cyber intelligence firm Cyble.

In a blog post on June 30, Cyble stated, “Our investigation indicates that the stealer is an emerging threat.”

The data stolen from the user’s computer includes Chromium and Mozilla browser information, along with login data and cryptocurrency extension data. The malware can also take screenshots and steal sessions from chat software such as Discord and Telegram.

This virus purportedly also targets cold crypto wallets like Zcash, Armory, Bytecoin, Jaxx, Exodus, Ethereum, Electrum, Atomic Wallet, Guarda, and Coinomi, in addition to hot wallets.

In its June 30 blog post, Cyble said that scammers or threat actors are pushing PennyWise as a free Bitcoin mining application. In addition, they have released more than 80 YouTube videos that contain links to download the virus. This malware targets those who use YouTube to search for Bitcoin mining software.

Interestingly, the malware is programmed to terminate itself if it determines that the victim is based in Russia, Ukraine, Belarus, or Kazakhstan. Cyble also discovered that when the malware sends the victim’s stolen timezone data back to the attackers, it converts it to Russian Standard Time (RST).
