"Hackers Target Cryptocurrency Users With New ElectroRAT Malware"

The security firm Intezer Labs discovered a malware operation in which cybercriminals have created fake cryptocurrency apps containing a new malware strain called ElectroRAT, written in the open-source programming language Go. The campaign was found in December 2020 but is believed to have been actively spreading malware since January 8, 2020. According to Intezer Labs, the hackers behind this campaign relies on three cryptocurrency-related apps named Jamm, eTrade/Kintum, and DaoPoker, which are all hosted on their own websites. The first two apps claim to allow users to trade cryptocurrency, while the third app is gambling-based. ElectroRAT aims to drain cryptocurrency wallets on Windows, Linux, and Mac operating systems. This malware is said to be significantly intrusive in that it is capable of keystroke logging, taking screenshots, downloading files, executing commands, and more, on a victim's console. Intezer Labs suspects that this malware operation has infected at least 6,500 users. This article continues to discuss the discovery, distribution, and capabilities of the ElectroRAT malware targeting cryptocurrency users, as well as the growing popularity of the Go programming language among malware authors.

ZDNet reports "Hackers Target Cryptocurrency Users With New ElectroRAT Malware"