Russian Hackers Are Using Coronavirus Maps to Attack Ethereum Wallets


The cryptocurrency market was one of the many sectors that have recently been affected by the spread of Coronavirus.

Several countries around the globe have been struck by fear and panic has spread among the masses. In the midst of all this, the bad actors were still trying to stir up the pot in the digital asset industry.

Recent reports indicate that Russian cybercrime forums have played an active role in releasing Coronavirus-related content that targets users' Ethereum and Electrum wallets. This was done to obtain cryptocurrency illegally by exploiting the ongoing crisis.

In a warning published on beta.cent.co, holders were told that Russian entities were uploading online interactive COVID-19 maps to supposedly help people.

What participants do not know is that when they click on the map, they are exposed to attacks on their Ethereum wallets. Shai Alfasi, a researcher at Reason Labs, said:

“The malware specifically seeks out cryptocurrency wallets (including those for Electrum and Ethereum), the Telegram desktop app and Steam accounts. It can also take unauthorized screenshots, resolve and save a victim’s public IP address, and gather information on infected machines, including the OS system, architecture, hostname and username.”

The data breach created by clicking on the COVID-19 maps gives the attackers direct root access. Sources said that NFT creators and blockchain developers will be the most affected by the display of their private keys on the screen.

Attackers usually gain access to the work screen and then take the private keys of the individual user.

The increasing Coronavirus cases across the world have ensured that people take the virus as well as the disease caused by it seriously. In some places, the panic was so intense that citizens were seen raiding supermarkets for unnecessary items.

Hackers have capitalized on this fear as they realized that the average Joe was not very smart. The demand during the disease season has created a vulnerability that malicious actors have quickly taken advantage of.

When users click on the Coronavirus maps, they activate a strain of malicious software known as AZORult. This software was used to steal information such as browsing history, cookies, cryptocurrencies and more.

AZORult first became public when it was sold on Russian underground forums for collecting sensitive information from unsuspecting users. A different variant of AZORult also allows hackers to create Remote Desktop Protocol connections on compromised systems.

At a time when more and more people were dying because of the virus, hackers were showing no signs of stopping. In Japan, scammers used an Emotet campaign to attack users with code built into ‘Coronavirus prevention’ documents.

Some were so elaborate that hackers made documents that were supposed to be from the US Centers for Disease Control and Prevention.

Right now it is pretty hard to gauge what impact the virus will have on society in the long run. Every day we see new cases being reported from multiple regions, and governments are struggling to keep up with the demands.

Financial regulators will have to be careful while scanning through what is happening, because hacks such as the one mentioned earlier might get lost in the ongoing chaos.