  • New OpcJacker malware targets cryptocurrency and privacy

    The infostealer is distributed through malicious ads and poses as harmless software.

    Trend Micro is reporting a new malware sample, OpcJacker, that has been found in the wild since the second half of 2022 during a malicious ad campaign.

    According to Trend Micro, the main features of OpcJacker include:

    logging keystrokes (keylogging);
    taking screenshots;
    stealing confidential data from browsers;
    loading additional modules;
    replacing the crypto wallet address in the clipboard to intercept the transaction.

    The initial attack vector includes a network of fake websites advertising software and applications related to cryptocurrency. A campaign in February 2023 targeted users in Iran under the guise of providing VPN services.

    The installer files act as a channel for deploying OpcJacker, which is also capable of delivering next-stage payloads such as NetSupport RAT and hVNC connectivity for remote access.

    OpcJacker hides itself with the Babadeda ransomware and uses a configuration file to activate its data collection features. The malware can also launch arbitrary shellcode and executable files.

    "The configuration file format resembles bytecode written in a special machine language, where each instruction is parsed, individual opcodes are obtained, and then a specific handler is executed," Trend Micro said in a statement.

    Given the malware's ability to steal cryptocurrencies from wallets, the campaign is presumed to be financially motivated. However, OpcJacker's versatility also makes it well suited to serve as a malware downloader.
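
The clipboard address replacement listed among the features above can be spotted in endpoint telemetry. The following is an added detection sketch, not code from Trend Micro or from the original article: it assumes a hypothetical event feed of (timestamp, writing process, clipboard text), and the process names, address patterns and time window are all assumptions of this example.

```python
import re

# Simplified address shapes (assumption of this example; no checksum validation).
ADDRESS_PATTERNS = {
    "btc": re.compile(r"^(?:bc1[02-9ac-hj-np-z]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def classify(text):
    """Return the chain name if text looks like a wallet address, else None."""
    value = text.strip()
    for chain, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(value):
            return chain
    return None

def find_swaps(events, window=2.0):
    """Flag an address overwritten by a different same-chain address,
    written by another process within `window` seconds of the copy."""
    alerts = []
    prev = None  # last address seen: (time, writer, chain, value)
    for ts, writer, text in events:
        chain = classify(text)
        if chain is None:
            prev = None  # non-address content resets the comparison
            continue
        value = text.strip()
        if (prev is not None and prev[2] == chain and prev[3] != value
                and prev[1] != writer and ts - prev[0] <= window):
            alerts.append({"time": ts, "chain": chain, "copied": prev[3],
                           "replaced_with": value, "writer": writer})
        prev = (ts, writer, chain, value)
    return alerts

# Constructed clipboard telemetry: (seconds, writing process, clipboard text).
SAMPLE_EVENTS = [
    (10.0, "browser.exe", "meeting notes"),
    (20.0, "browser.exe", "0x" + "ab" * 20),   # user copies an address
    (20.4, "updater.exe", "0x" + "cd" * 20),   # overwritten 0.4 s later by another process
    (90.0, "wallet.exe", "1" + "B" * 30),
    (300.0, "browser.exe", "1" + "C" * 30),    # unrelated copy minutes later: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The same comparison can be applied at paste time in a wallet front end, rejecting a pasted address that differs from the one the user copied.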

    Author DeepWeb