  • New OpcJacker malware targets cryptocurrency and privacy

    The infostealer is distributed through malicious ads and poses as harmless software.

    Trend Micro reports a new malware sample, OpcJacker, that has been seen in the wild since the second half of 2022 in a malicious ad campaign.

    According to Trend Micro, the main features of OpcJacker include:

    recording keystrokes (keylogging);
    taking screenshots;
    stealing confidential data from browsers;
    loading additional modules;
    replacing the crypto wallet address in the clipboard to intercept the transaction.

    The initial attack vector includes a network of fake websites advertising software and applications related to cryptocurrency. A campaign in February 2023 targeted users in Iran under the guise of providing VPN services.

    The installer files act as a channel for deploying OpcJacker, which is also capable of delivering next-stage payloads such as NetSupport RAT and hVNC connectivity for remote access.

    OpcJacker hides itself with the Babadeda ransomware and uses a configuration file to activate its data collection features. The malware can also launch arbitrary shellcode and executable files.

    "The configuration file format resembles bytecode written in a special machine language, where each instruction is parsed, individual opcodes are obtained, and then a specific handler is executed," Trend Micro said in a statement.

    Given the malware's ability to steal cryptocurrencies from wallets, the campaign is presumed to be financially motivated. However, OpcJacker's versatility also makes it a great malware downloader.
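
The clipboard address replacement listed among OpcJacker's features can be watched for from the defender's side. The following is an added example, not code from Trend Micro or the original article: it scans a clipboard history for one wallet address being replaced by a different one within seconds. The address patterns, the 2-second window and the sample history are assumptions constructed for illustration.

```python
import re

# Address shapes are assumptions for this example; the page does not say
# which currencies the clipper targets. Shape only, no checksum validation.
PATTERNS = [
    ("btc", re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}")),
    ("btc", re.compile(r"bc1[02-9ac-hj-np-z]{11,71}")),
    ("eth", re.compile(r"0x[0-9a-fA-F]{40}")),
]

def classify(text):
    """Return (currency, normalized_address) or None for a clipboard string."""
    value = text.strip()
    for currency, pattern in PATTERNS:
        if pattern.fullmatch(value):
            # ETH hex is case-insensitive apart from its checksum casing.
            return currency, value.lower() if currency == "eth" else value
    return None

def find_swaps(history, max_gap=2.0):
    """Flag an address replaced by a different address of the same currency
    within max_gap seconds, faster than a user would normally re-copy."""
    alerts, prev = [], None   # prev = (timestamp, currency, address)
    for ts, text in history:
        hit = classify(text)
        if hit is None:
            prev = None
            continue
        currency, addr = hit
        if prev and prev[1] == currency and prev[2] != addr and ts - prev[0] <= max_gap:
            alerts.append({"time": ts, "currency": currency,
                           "copied": prev[2], "replaced_by": addr})
        prev = (ts, currency, addr)
    return alerts

# Constructed clipboard history: (seconds, clipboard text). Addresses are fake.
SAMPLE_HISTORY = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "11" * 20),   # user copies a payee address
    (10.4, "0x" + "22" * 20),   # replaced 0.4 s later: flagged
    (60.0, "1" + "A" * 30),
    (300.0, "1" + "B" * 30),    # different address, minutes later: not flagged
    (400.0, "0x" + "ab" * 20),
    (400.5, "0x" + "AB" * 20),  # same address, different case: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_HISTORY):
        print(alert)
```
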

    Author DeepWeb