A deadly strain of malware is hitting the bitcoin blockchain. Known as Glupteba malware, it uses the bitcoin network to resist potential attacks, according to cybersecurity researchers.
Glupteba Isn't Going Anywhere
Glupteba is dangerous in the sense that it uses the blockchain to update itself. This means that regardless of how the blockchain changes or grows in the future, the malware changes with it, so it can continue to run even if it's blocked by a device's antivirus software.
First discovered in late 2018, the malware spreads to mobile or computer devices through script advertising. It can steal website cookies, browsing history, passwords and account names, along with other personal information that is often shared between websites and internet sources.
However, researchers also say it is being used to mine the Monero currency, which makes it a form of crypto jacking software. Crypto jacking has become a highly popular method amongst hackers looking to obtain coins and digital assets that aren't theirs. The malware infects a computer system, which allows the hacker in question to utilize someone's computer to mine cryptocurrencies without the original owner's permission or knowledge.
Typically, Monero is the cryptocurrency of choice amongst hackers that employ crypto jacking methods given its quasi-anonymous properties. All the while, the hacker is mining new coins and making a solid profit while the original owner earns nothing unless one counts the high energy bills that they're forced to pay each month.
Lastly, researchers claim that the malware can potentially be used to infiltrate people's Instagram accounts. It also utilizes the Electrum bitcoin wallet to transfer any funds a hacker may have mined or stolen and to gain access to additional systems.
Trend Micro researchers explain:
This technique makes it more convenient for the threat actor to replace command and control servers. If they lose control of a command and control server for any reason, they simply need to add a new bitcoin script and the infected machines obtain a new command and control server by decrypting the script data and reconnecting.
Maybe Safety Needs to Be Boosted
Command and control servers are centralized servers that issue commands to infected devices, allowing the malware's operators to direct it.
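For defenders who want to watch for the kind of script-carried update the Trend Micro researchers describe, the following is an added example, not code from the article or from Trend Micro. It assumes the data sits in an OP_RETURN output (a detail the article does not give); the function names, thresholds and sample scripts are constructed for illustration.

```python
import math
from collections import Counter

OP_RETURN, OP_PUSHDATA1, OP_PUSHDATA2 = 0x6A, 0x4C, 0x4D

def op_return_payload(script_hex):
    """Return the data pushed after OP_RETURN in an output script, or None."""
    script = bytes.fromhex(script_hex)
    if len(script) < 2 or script[0] != OP_RETURN:
        return None
    op, pos = script[1], 2
    if op < OP_PUSHDATA1:                       # direct push: opcode is the length
        size = op
    elif op == OP_PUSHDATA1 and len(script) >= 3:
        size, pos = script[2], 3
    elif op == OP_PUSHDATA2 and len(script) >= 4:
        size, pos = int.from_bytes(script[2:4], "little"), 4
    else:
        return None
    data = script[pos:pos + size]
    return data if len(data) == size else None  # reject truncated pushes

def shannon_entropy(data):
    """Shannon entropy in bits per byte; ciphertext scores high, text scores low."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage_outputs(scripts, min_len=16, min_entropy=3.5):
    """Flag outputs whose OP_RETURN payload is long and looks random.
    Thresholds are illustrative assumptions, not tuned values."""
    flagged = []
    for index, script_hex in enumerate(scripts):
        payload = op_return_payload(script_hex)
        if payload and len(payload) >= min_len and shannon_entropy(payload) >= min_entropy:
            flagged.append((index, payload.hex()))
    return flagged

# Constructed sample output scripts (not taken from any real transaction).
SAMPLE_SCRIPTS = [
    "76a914" + "00" * 20 + "88ac",            # ordinary pay-to-pubkey-hash output
    "6a14" + "41" * 20,                       # OP_RETURN with repetitive text
    "6a20" + bytes(range(0x10, 0x30)).hex(),  # OP_RETURN, 32 distinct bytes
    "6a20" + "aa" * 5,                        # truncated push, ignored
]

if __name__ == "__main__":
    for index, payload_hex in triage_outputs(SAMPLE_SCRIPTS):
        print(f"output {index}: opaque OP_RETURN payload {payload_hex}")
```

Payloads flagged this way are leads for an analyst to review, since legitimate services also embed hashes and other opaque data in OP_RETURN outputs.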
Recently, legendary investor Mark Mobius claimed that the blockchain wasn't as safe as we all thought, and after reading this story, it's easy to see he's probably right. While the bitcoin blockchain is often touted as one of the most secure forms of new technology to exist today, the crypto market is still fraught with problems that can potentially lead one's private data to wind up in the wrong hands. Malware seemingly has a way of appearing when we least expect it and in ways we're not used to.
Cryptocurrency is a digital currency that uses encryption (cryptography) to regulate the generation of currency and verify the transfer of funds, independently of a central bank. Cryptography is the practice and study of techniques for secure communication in the presence of third-party adversaries.