Cryptocurrency Wallets Targeted by New Malware “DoubleFinger”
Recent reports from Kaspersky have revealed a new malware threat targeting cryptocurrency wallets, known as “DoubleFinger.” The security experts at Kaspersky discussed the details of this threat in a blog post released on Monday.
Advanced Threat Tactics
According to Sergey Lozhkin, a lead security researcher at Kaspersky’s Global Research and Analysis Team (GReAT), cybercriminals are increasingly targeting cryptocurrency wallets due to the rising value and popularity of digital currencies. The DoubleFinger malware employs a sophisticated multistage attack method that resembles an advanced persistent threat (APT).
The initial stage of the attack involves a malicious email attachment containing a PIF file, which triggers a chain of events leading to the installation of DoubleFinger on the victim’s system. The malware then proceeds to download encrypted components from Imgur.com, disguised as PNG files, to execute subsequent stages of the attack.
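A defender-side triage check for the delivery chain described above, added here as an example and not taken from Kaspersky's report: it flags attachment names with executable extensions such as .pif and walks the chunk structure of files that claim to be PNG. The page does not say how the components are hidden in the images, so the function names, the extension list and the sample bytes are assumptions constructed for illustration.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Windows runs these extensions as programs; .pif is the one the article names.
EXECUTABLE_EXTS = (".pif", ".exe", ".scr", ".com")

def risky_attachment(filename):
    """True if an attachment name ends in an executable extension."""
    return filename.lower().rstrip(". ").endswith(EXECUTABLE_EXTS)

def inspect_png(data):
    """Walk the chunk list of a file that claims to be PNG; return findings."""
    if not data.startswith(PNG_SIG):
        return ["bad signature: not a PNG"]
    findings, pos = [], len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length  # 4 length + 4 type + body + 4 CRC
        if end > len(data):
            return findings + ["truncated chunk %r" % ctype]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(data[pos + 4:end - 4]) != crc:
            findings.append("CRC mismatch in chunk %r" % ctype)
        pos = end
        if ctype == b"IEND":
            if pos < len(data):
                findings.append("%d bytes after IEND" % (len(data) - pos))
            return findings
    return findings + ["no IEND chunk"]

def _chunk(ctype, body):
    """Build one well-formed PNG chunk (used only for the constructed samples)."""
    return (struct.pack(">I", len(body)) + ctype + body
            + struct.pack(">I", zlib.crc32(ctype + body)))

# Constructed samples: a minimal 1x1 grayscale PNG, and the same file with
# 64 opaque bytes appended after the final chunk.
CLEAN_PNG = (PNG_SIG
             + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
             + _chunk(b"IDAT", zlib.compress(b"\x00\x00"))
             + _chunk(b"IEND", b""))
PADDED_PNG = CLEAN_PNG + bytes(64)

if __name__ == "__main__":
    for name, blob in (("clean.png", CLEAN_PNG), ("padded.png", PADDED_PNG)):
        print(name, inspect_png(blob) or "ok")
    print("invoice.pdf.pif", risky_attachment("invoice.pdf.pif"))
```

A payload carried inside valid image data passes this structural check, so it complements network and endpoint detection and does not replace them.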
GreetingGhoul Crypto Stealer
One of the key components of the DoubleFinger malware is the GreetingGhoul crypto stealer, which is designed to target cryptocurrency wallets on the infected system. This malicious software is capable of stealing valuable data such as private keys and seed phrases, as well as intercepting user input to control and withdraw funds from crypto wallets.
In some instances, DoubleFinger also installs the remote access Trojan Remcos, giving cybercriminals complete control over the compromised system.
Protecting Crypto Wallets
To safeguard cryptocurrency wallets from threats like DoubleFinger, Kaspersky recommends various security measures such as being cautious of scams, diversifying wallet usage, addressing vulnerabilities in cold wallets, and purchasing hardware wallets from reputable sources. Lozhkin emphasizes that protecting crypto assets is a collaborative effort involving wallet providers, individuals, and the broader cryptocurrency community.
By remaining vigilant, implementing robust security protocols, and staying informed about the latest threats, users can mitigate the risks associated with cryptocurrency theft and ensure the safety of their digital assets.
Recent Developments
Kaspersky’s findings on DoubleFinger come in the wake of recent news involving two Russian nationals charged with stealing millions from the defunct crypto exchange Mt Gox. These incidents underscore the importance of maintaining strong cybersecurity practices in the cryptocurrency space.