This alert may not be shared outside your organization. Do not repost it, place it on other websites or list servers, or send it to others via email, including other associations or parties. For members and law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.

09/03/2020

Newly-discovered KryptoCibule malware has been stealing and mining cryptocurrency since 2018

The State of Security

Security researchers at Slovak security firm ESET have discovered a new family of malware that they say has been using a variety of techniques to steal cryptocurrency from unsuspecting users since at least December 2018.

The malware, which has been named KryptoCibule, uses a variety of legitimate technology – including Tor and the Transmission torrent client – as part of its scheme to mine cryptocurrency, divert digital currency transactions into its creators’ own accounts, and plant a backdoor for hackers to remotely access infected systems.

KryptoCibule poses a three-pronged threat when it comes to cryptocurrency.

Firstly, it exploits the CPU and GPU of infected computers to mine for Monero and Ethereum. In an attempt to avoid detection by the legitimate user of the computer, KryptoCibule monitors the battery level of infected devices and will not do any mining if the battery is at less than 10% capacity.

If the battery level status is between 10% and 30%, however, Ethereum-mining via the GPU is suspended and only Monero-mining via the CPU takes place, albeit limited to one thread.

However, if the battery level is 30% or more and there has been no user activity for the last three minutes, “both the GPU and CPU miners are run without limits.”
