Experts discovered Trojan to steal cryptocurrencies through the extension of Chrome

Malicious software for Windows is disguised as a Google Chrome browser expansion and steal information and cryptocurrencies, Avast experts said.

According to them, we are talking about iteration of the known vipersoftx harmfulness since 2020. Experts appropriated their own name as Rat as RAT – Venomsoftx.

The main source of the spread of Trojan is the pirate torrent files in Adobe Illustrator, Corel Video Studio, Microsoft Office, and T.D. The malware is disguised as a regular line of code in the package magazine file with a hacked program.

“Malicious expansion provides complete access to all the victims of the pages, performs attacks of the“ person in a browser ”type to replace cryptocurrency addresses by falsification of these requests of the API on popular exchanges, steals accounting data, the contents of the exchange buffer and performs many other operations,” experts explained.

Among the most affected countries, they called the United States, India, Italy and Brazil.

Experts estimated that as of November 8, digital assets worth $ 130,421 were received in total on Vipersoftx and Venomsoftx.

Among the target platforms in Troyan are Blockchain.Com, Binance, Coinbase, Gate.Io and Kucoin. Expansion also adds addresses of wallets from the Buffer of the exchange of the victim.

On Blockchain.Com harm also tries to steal passwords introduced by the user, experts added.

Recall that the third quarter of 2022, the total losses of the Web3 ecosystem from hacks and fraud amounted to $ 428.7 million, according to the experts of the Bounty platform Immunefi.

Read the FORKLOG Bitcoin News in our Telegram-cryptocurrency news, courses and analytics.