Trustwave Spiderlabs Researchers Warn of New Strain of Malware Draining Crypto Funds – Security Bitcoin News
According to researchers at Trustwave Spiderlabs, a strain of malware known as Rilide is believed to be helping cybercriminals steal funds from cryptocurrency exchanges. Although the steps taken to tackle this malware are likely to make life more difficult for cybercriminals, two researchers – Pawel Knapczyk and Wojciech Cieslak – said that this alone may not be enough to “completely solve the problem.”
Malicious browser extensions
Researchers at Trustwave Spiderlabs recently said they discovered a new strain of malware that secretly siphons money from crypto wallets. According to the researchers, the malware, known as Rilide, is believed to be masquerading as a legitimate Google Drive extension. In addition to giving cybercriminals the ability to monitor the browsing history of their targeted victims, Rilide enables the injection of “malicious scripts to steal funds from cryptocurrency exchanges.”
In their blog post published on April 4, the two researchers Pawel Knapczyk and Wojciech Cieslak admit that Rilide is not the first malware to use malicious browser extensions. However, the researchers said they have seen how the malware tricks users before draining money from their respective crypto wallets.
“Where this malware differs is that it has the effective and rarely used ability to use fake dialog boxes to trick users into revealing their two-factor authentication (2FA) and then withdraw cryptocurrencies in the background,” the researchers claimed.
While steps such as the pending enforcement of the so-called manifest v3 are expected to make life a little more difficult for cybercriminals, Knapczyk and Cieslak argue that this alone may not be enough “to solve the problem entirely, as most of the functions exploited by Rilide will still be available .”
Meanwhile, in their warning to users, the two researchers reiterated the importance of being “vigilant and skeptical” whenever they receive unsolicited emails. They added that users “should never assume that any content on the Internet is safe, even if it appears to be.” Likewise, users should always strive to stay informed and educated about the latest happenings in the cybersecurity industry.
What are your thoughts on this story? Let us know what you think in the comments section below.
Image credit: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or an endorsement or recommendation of products, services or companies. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author is directly or indirectly responsible for damages or losses caused or alleged to be caused by or in connection with the use of or reliance on content, goods or services mentioned in this article.
