Rajarshi Mitra
Independent Analyst
- The malware uses the Bitcoin blockchain to update itself continuously.
- Protect yourself against it by not clicking on suspicious links and emails and by keeping your router firmware up-to-date.
As per TrendMicro, cybersecurity researchers have discovered a new strain of the infamous Gluptepa malware. The malware uses the Bitcoin blockchain to stay alive. Analysts confirm that this strain is capable of invading systems to mine Monero and steal sensitive data like passwords and cookies. It also exploits a vulnerability in MicroTik routers to transform target machines into a SOCKS proxy. After that, it executes spam attacks on Instagram users.
The malware uses the Bitcoin blockchain to automatically update and run smoothly even if the antivirus software blocks its connection to remote command and control (C&C) servers run by the attackers. As investigated by TrendMicro’s researchers, Gluptega attackers will first send a Bitcoin transaction via the Electrum wallet. It will then make its way through a public list of the wallet’s servers to find every transaction made by the attacker. Within those transactions, Gluptega will exploit the OP_RETURN opcode containing the encrypted C&C domain. The domain gets decrypted by a ScriptHash string which is hardcoded within the malware.
TrendMicro said:
“This technique makes it more convenient for the threat actor to replace C&C servers. If they lose control of a C&C server for any reason, they simply need to add a new Bitcoin script and the infected machines obtain a new C&C server by decrypting the script data and reconnecting.”
There are two ways to protect yourself against the malware - Don’t click on suspicious links and emails and ensure that your router’s firmware is up-to-date.
Note: All information on this page is subject to change. The use of this website constitutes acceptance of our user agreement. Please read our privacy policy and legal disclaimer. Opinions expressed at FXstreet.com are those of the individual authors and do not necessarily represent the opinion of FXstreet.com or its management. Risk Disclosure: Trading foreign exchange on margin carries a high level of risk, and may not be suitable for all investors. The high degree of leverage can work against you as well as for you. Before deciding to invest in foreign exchange you should carefully consider your investment objectives, level of experience, and risk appetite. The possibility exists that you could sustain a loss of some or all of your initial investment and therefore you should not invest money that you cannot afford to lose. You should be aware of all the risks associated with foreign exchange trading, and seek advice from an independent financial advisor if you have any doubts.
Recommended Content
Editors’ Picks
Chainlink social dominance hits six-month peak as LINK extends gains
-637336005550289133_XtraSmall.jpg)
Chainlink social dominance surged to a six-month peak on Friday as LINK holders increased their activity. LINK traders started taking profits, on-chain data trackers show. LINK price added 6% on Friday, extending its gains from mid-week.
Binance helps Taiwan crack a virtual asset money laundering case, BNB sustains above $570
Binance’s Financial Crimes Compliance (FCC) department joined forces with Taiwan’s Ministry of Justice and helped resolve a case of money laundering worth NT$200 million, or $6.2 million.
Bitcoin Weekly Forecast: Is BTC out of the woods? Premium
Bitcoin price shows signs of continuing its uptrend, providing a buying opportunity between $64,580 to $63,095. On-chain metrics forecast a bullish outlook for BTC ahead. If BTC clears $70,000, the chances of resuming the uptrend would skyrocket.
XRP trades steady at $0.50 as Ripple shares plan to expand services in Africa
Ripple hovers close to $0.51 on Friday, above the psychologically important $0.50 level, as traders await the court ruling of the lawsuit against the US Securities and Exchange Commission and amid new commitments from the firm to expand its services in Africa.
Bitcoin: Is BTC out of the woods? Premium
Bitcoin (BTC) price action in the past two days has confirmed the resumption of the bull run. However, BTC needs to clear a few key hurdles before investors can go all-in.