Operating for a year now, insidious malware ElectroRAT is bringing 2020 into 2021 and targeting crypto wallets.
A researcher at cybersecurity firm Intezer has identified and documented the inner workings of ElectroRAT, which has been targeting and draining victims’ funds.
According to the researcher, Avigayil Mechtinger, the malware operation includes a variety of detailed tools that dupe victims, including a “marketing campaign, custom cryptocurrency-related applications and a new Remote Access Tool (RAT) written from scratch.”
The malware is called ElectroRAT because it’s a remote access tool that was embedded in apps built on Electron, an app-building platform. Hence, ElectroRAT.
“It’s unsurprising to see novel malware being published, especially during a bull market in which the value of cryptocurrency is shooting up and making such attacks more profitable,” said Jameson Lopp, chief technology officer (CTO) at crypto custody startup Casa.
Over the past few months, bitcoin and other cryptocurrencies have entered a bull market, seeing prices skyrocket across the industry.
What is ElectroRAT?
ElectroRAT is written in Golang, an open-source programming language that is well suited to cross-platform functionality, and it targets multiple operating systems, including macOS, Linux, and Windows.
As part of the malware operation, the attackers set up “domain registrations, websites, trojanized applications and fake social media accounts,” according to the report.
In the report, Mechtinger notes that while attackers commonly try to collect private keys used to access people’s wallets, seeing original tools like ElectroRAT and the various apps written “from scratch” and targeting multiple operating systems is quite rare.
“Writing the malware from scratch has also allowed the campaign to fly under the radar for almost a year by evading all antivirus detections,” wrote Mechtinger in the report.
Lopp echoed these comments, and said it’s particularly interesting the malware is being compiled for and targeting all three major operating systems.
“The vast majority of malware tends to be Windows-only due to the wide install base and the weaker security of the operating system,” said Lopp. “In the case of bitcoin, malware authors may reason that a lot of early adopters are more technical people who run Linux.”
How it works
To lure in victims, the ElectroRAT attackers created three different domains and apps that run on multiple operating systems.
The pages to download the apps were created specifically for this operation and designed to look like legitimate entities.
The associated apps specifically appeal to and target cryptocurrency users. “Jamm” and “eTrade” are trade management apps; “DaoPoker” is a poker app that uses cryptocurrency.
Using fake social media and user profiles, as well as paying a social media influencer for their advertising, the attacker pumped the apps, including promoting them in targeted cryptocurrency and blockchain forums like bitcointalk and SteemCoinPan. The posts encouraged readers to look at the professional-looking websites and download the apps when, in reality, they were also downloading the malware.
For example, the DaoPoker Twitter page had 417 followers, while a social media advertiser with over 25,000 followers on Twitter promoted eTrade. As of writing, the DaoPoker Twitter page is still live.
While the apps look legitimate at first glance on the front end, they are running nefarious background activities, targeting users’ cryptocurrency wallets. They are also still active.
“Hackers want to get your cryptocurrency, and they are willing to go far with it – spend months of work to create fake companies, fake reputation and innocent-looking applications that hide malware to steal your coins,” said Mechtinger.
What it does
“ElectroRAT has various capabilities,” said Mechtinger in an email. “It can take screenshots, key logs, upload folders/files from a victim’s machine and more. Upon execution, it establishes commands with its command-and-control server and waits for commands.”
The report suggests the malware specifically targets cryptocurrency users for the purpose of attacking their crypto wallets, noting that victims were observed commenting on posts related to the popular Ethereum wallet app Metamask. Based on the researchers’ observations of the malware’s behaviors, it’s possible more than 6.5 thousand people had been compromised.
How to avoid it
The first step is the best step and that’s not to download any of these apps, full stop.
In general, when you’re looking into new apps, Lopp suggests avoiding shady websites and forums. Only install software that is well-known and properly reviewed; look for apps with lengthy reputation histories and sizable install bases.
“Don’t use wallets that store the private keys on your laptop/desktop; private keys should be stored on dedicated hardware devices,” said Lopp.
This point reinforces the importance of storing your crypto in cold hardware wallets and writing down seed phrases rather than just storing them on your computer. Both of these techniques make your keys and seed phrases inaccessible to malware that trawls your online activity.
There are secondary steps that can be taken if you think your computer might have already been compromised.
“To make sure you are not infected we recommend [you] take proactive action and scan your devices for malicious activity,” said Mechtinger.
In the report, Mechtinger suggests that if you think you’re a victim of this scam, you need to kill the processes running and delete all files related to the malware. You also need to make sure your machine is clean and running non-malicious code. Intezer has created Endpoint Scanner for Windows environments and Intezer Protect, a free community tool for Linux users. More detailed information about detection can be found in the original report.
And, of course, you should move your funds to a new crypto wallet and change all your passwords.
A higher bitcoin price attracts more malware
With the price of bitcoin continuing to rise, Mechtinger doesn’t see attacks like this slowing down. In fact, they’re likely to increase.
“There are high capitals at stake, which is classic for financially motivated hackers,” she said.
Lopp said we will see attackers devote greater and greater resources to coming up with new ways to part people from their private keys.
“While a novel attack takes much greater effort to develop, the rewards are also potentially higher because it’s more likely to fool people because the knowledge of that style of attack has not been disseminated through the user base,” he said. “That is, people are more likely to expose themselves to the attack unknowingly.”
Profiting from Crypto: Here’s a tool that’s actually useful
Introduction to Profit Farmers
It’s no hidden secret that Bitcoin has been on a record-breaking bull-run ever since PayPal announced they’d offer their users the ability to use Bitcoin and other altcoins for transactions.
This has led to numerous altcoins rising in value too, riding in the slipstream of Bitcoin’s big rush.
With all these crazy gains being reported, many of us are left wondering:
“How can I best capitalize on crypto’s opportunities without rushing in and making mistakes?”
Well, that’s precisely the question I’ll attempt to answer today.
There’s a crypto trading tool called ProfitFarmers that claims it can help you make more profitable trades without all the stress, staring into charts, and the years of experience otherwise needed.
Their website boasts no commissions or fees on your trades, complete honesty on how their tool functions and a 100% money-back guarantee in the event their tool doesn’t offer you profitable opportunities.
In light of that, you’d be wise to set aside the next 5 short minutes to look into ProfitFarmers with me!
What is ProfitFarmers?
Put simply, ProfitFarmers is a subscription-based service that produces trading signals, which are complete instructions for trading a given coin pairing from entry to exit.
ProfitFarmers is integrated with Binance through an API, so all your trades and profits actualize within your own account on Binance. This also makes it possible for PF to place trade orders on your behalf, saving you time, hassle and preventing accidental errors!
PF’s integration with Binance means you only need to click on a signal from their dashboard, enter how much you wish to trade with, and let ProfitFarmers’ software handle the rest!
ProfitFarmers will perform your trade from entry to exit based on the information programmed within the trading signal.
This also includes a stop-loss function where ProfitFarmers will place an order to sell your coins if the price takes a turn in the wrong direction. Perfect for anyone looking to make their risk management less of a headache to keep ‘on good terms’ with!
With absolutely no commissions or fees on your trades, ProfitFarmers is one of the few platforms where you can make trades knowing 100% of the profits you make are 100% yours to keep.
Better yet, thanks to their 100% money-back guarantee, you can join ProfitFarmers with the assurance that you WILL be presented with a fair amount of trading signals that offer a profitable opportunity each month.
Tools for more experienced traders:
Aside from the main features described above, ProfitFarmers includes a host of tools designed for more experienced and active traders. These tools are the Price Action Scanner, RSI Scanner, and a manual trading terminal linked directly to the Binance Exchange.
Maximize your profitability with the manual trading terminal by using some basic chart analysis to achieve close-to-perfect entry and exit points on your trades!
On a bi-weekly and monthly basis, Matthew Tansley (ProfitFarmers founder) creates a video breaking down their trading signal’s performance for everyone to digest.
These breakdowns are particularly beneficial for members, as the videos give valuable insights on what signals, strategies, and coin pairings are trending with the highest profitable performance.
For 6 months their Signal win rate has NOT been below 70%! That’s really impressive…
ProfitFarmers’ signal results & performance breakdowns dating months back are publicly accessible for everyone to go through on their website.
For the month of November, ProfitFarmers produced 256 trading signals, of which 81% hit target 1 (of 4 targets, where the higher the target hit, the higher the % peak gains offered).
Perhaps even more enticing is the fact that 61% of November’s signals hit targets 2, 3 or 4, offering even higher money-making opportunities.
Here is the “Average Profit % Per Target” breakdown for the month of November:
Would you like to instantly increase your chances of making more profitable trades today?
If you don’t want to spend years learning and hours stressing & staring into price charts all day, then I’d say ProfitFarmers is your best bet moving forward.
This platform offers tech-savvy answers to some of the biggest questions and pain-points involved with trading crypto. Save yourself the time and hassle by utilizing a tool that has been proven to do a majority of the ‘heavy lifting’ in trading for you.
With trade signals boasting a 78% all-time historical win rate and ProfitFarmers’ 100% money-back guarantee if that number ever falls below 60%, you can try ProfitFarmers with more peace of mind than any other tool I’ve seen on the market.
To start using ProfitFarmers or learn more about what they do, visit their website here!
Let me know about your experience with ProfitFarmers in the comments below.
How Top U.S universities are privately increasing their Bitcoin holdings
Over the years, the acquisition of Bitcoin amongst investment companies has become a common practice, but the industry looks to be expanding as universities are now securing their spot in the Bitcoin market. According to Coindesk, sources aware of this activity have disclosed that leading U.S institutions have quietly been increasing their Bitcoin assets over the past year.
These are not just any institutions; in fact, these are some of the universities with the highest endowment funds in the United States. Harvard (over $40 billion), Yale (over $30 billion), and Brown ($4.7 billion) are three of the eight Ivy League colleges in the country that are said to be on the list. The highly reputable Michigan University ($12.5 billion) is also said to be following in the footsteps of the Ivies. Apparently, Coinbase has been the middleman facilitating the transactions. It was revealed that these institutions have been buying directly from the Coinbase exchange.
The spokesperson who asked to be anonymous told Coindesk that there are a sizeable number of institutions currently pouring funds into crypto assets. “There are quite a few. A lot of endowments are allocating a little bit to crypto at the moment.”
But the interest in cryptocurrencies began in 2019, and Coinbase is speculated to have held the funds for the institutions for as long as 18 months, according to the source, who notes that said institutions are likely cashing in on a decent return on investment and could possibly make their Bitcoin acquisitions public this year. The source is quoted as saying:
“It could be since mid-2019. Most have been in at least a year. I would think they will probably discuss it publicly at some point this year. I suspect they would be sitting on some pretty nice chunks of return.”
Another source who is a part of the crypto hedge fund industry asserted that public pension plans are soon to begin allocations in the coming months.
“We are seeing defined benefit pension plans getting close to making allocations. We are seeing public pension plans getting close to making allocations.”
Ari Paul, the cofounder of BlockTower Capital, chimed in, saying: “If I had heard that three years ago, I would have said it was wrong.”
“But a lot of institutions are now comfortable with Bitcoin. They understand it and can just buy it directly, as long as it’s from a regulated entity like Coinbase, Fidelity or Anchorage.”
DeFi Trading Platform dYdX Raises $10m in Latest Seed Round
Venture capital coin is flowing into DeFi like never before as another trading platform hits its target for fundraising. The non-custodial Ethereum-based exchange dYdX has announced that it has raised a $10 million Series B round led by Three Arrows Capital and DeFiance Capital.
New investors include Wintermute, Hashed, GSR, SCP, Scalar Capital, Spartan Group, and RockTree Capital. The announcement added that it had continued support from a16z, Polychain Capital, and Kindred Ventures among others.
Millions Pouring into DeFi
dYdX is geared towards more experienced derivatives traders rather than DeFi degens token swapping on Uniswap. Its infrastructure combines non-custodial, on-chain settlement with an off-chain low-latency matching engine with order books to deliver an institutional-grade, liquid, and low slippage trading experience.
Its user base and trade volumes have grown significantly in 2020 as bigger players tend to get more out of DeFi operations than the smaller traders getting stung on gas fees. It added that cumulative trade volume across perpetuals, margin, and spot trading increased 40 times, reaching $2.5 billion in 2020, up from $63 million in 2019.
In February 2021, dYdX will launch a Layer 2 solution with StarkWare using zk-Rollups for perpetual contracts.
The announcement added that the funding will be used to decentralize more parts of the stack and hand over more control to users in addition to adding new assets and features to its perpetual contracts. dYdX will also be strategically investing in international growth markets such as Asia, with a focus on China.
The Decentralization Debate
There has also been much debate about whether projects can really call themselves ‘decentralized’ if they’re backed by venture capitalists that will be entitled to a share of any tokens or rewards. In reality, they’re just like corporations with shareholders and the whales will control governance votes and the future direction of the protocol.
Last week, Uniswap founder Hayden Adams responded to a thread started by Synthetix founder Kain Warwick on exactly this subject:
🔥 This thread is great
I might have seemed anti token/ICO in the past but really I think projects should prove themselves before raising huge amounts of $
“VC bad” is lazy virtue signaling
I’m only bullish on projects that prove themselves by building new and useful stuff https://t.co/FVwSddhPrb
— Hayden Adams 🦄 (@haydenzadams) January 20, 2021
DeFi analyst Chris Blec, who has been highly critical of any form of crypto centralization, aptly commented that VC involvement inevitably leads to decisions that are good for founders and strategic investors, but bad for users.