As per a report by Forbes, security researchers have warned that the bitcoin blockchain is under attack by a new strain of the Glupteba malware, which is capable of using the bitcoin network to resist attacks on itself.

Glupteba Exploits Security Vulnerability To Shield Itself from Attacks

According to Trend Micro's latest blog post, which details the recently discovered but undocumented version, the described version was capable of taking over systems in order to mine Monero cryptocurrency and steal sensitive browser data like passwords and cookies.

Analysts also confirmed that this strain of the Glupteba malware exploits a known security vulnerability in MikroTik routers to turn the target machine into a SOCKS proxy, enabling widespread spam attempts that could threaten Instagram users.

According to the report, the infection has a systematic mode of operation.

A target machine is first hit with a “malvertising attack,” which forces it to download a Glupteba “dropper.”

The dropper will flood the target with various rootkits, backdoors, and other nasties taken from GitHub. It then does the usual stuff like check for antivirus programs, add malicious firewall rules, as well as include itself in defender whitelists.

Most notable, however, is that this malware utilizes Bitcoin to automatically update, ensuring it runs smoothly even if antivirus software blocks its connection to remote command and control (C&C) servers run by the attackers.

Malware Uses Electrum Bitcoin Wallet

The malware makes use of the Electrum bitcoin wallet to make, and in particular send, bitcoin transactions in order for the attackers to gain access to systems.

“This technique makes it more convenient for the threat actor to replace command and control servers,” Trend Micro researchers wrote. A command and control server is the centralized computer that issues commands to an infected network of devices.
“If they lose control of a command and control server for any reason, they simply need to add a new bitcoin script and the infected machines obtain a new command and control server by decrypting the script data and reconnecting.”
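
The quote above says infected machines recover a new C&C address from data carried in a bitcoin script. As an added example (not from the original article or from Trend Micro), the Python parser below pulls the data pushes out of a transaction output script so an analyst can spot opaque payloads worth a closer look. It assumes the data sits in an OP_RETURN output, which the article does not specify, it does not attempt decryption, and the sample scripts are constructed.

```python
OP_RETURN, OP_PUSHDATA1, OP_PUSHDATA2 = 0x6A, 0x4C, 0x4D

def _take(script, pos, n):
    """Read n bytes at pos, refusing to run past the end of the script."""
    if pos + n > len(script):
        raise ValueError("truncated script")
    return script[pos:pos + n], pos + n

def op_return_pushes(script_hex):
    """Return the data pushes of an OP_RETURN output script ([] for other scripts)."""
    script = bytes.fromhex(script_hex)
    if not script or script[0] != OP_RETURN:
        return []
    pushes, pos = [], 1
    while pos < len(script):
        op, pos = script[pos], pos + 1
        if 0x01 <= op <= 0x4B:          # opcode itself is the push length
            size = op
        elif op == OP_PUSHDATA1:        # next 1 byte is the length
            raw, pos = _take(script, pos, 1)
            size = raw[0]
        elif op == OP_PUSHDATA2:        # next 2 bytes, little-endian
            raw, pos = _take(script, pos, 2)
            size = int.from_bytes(raw, "little")
        else:
            break                       # not a data push: stop parsing
        data, pos = _take(script, pos, size)
        pushes.append(data)
    return pushes

def triage(script_hex):
    """Summarise each push; non-printable data is what an analyst should review."""
    return [{"length": len(p),
             "opaque": not all(0x20 <= b <= 0x7E for b in p),
             "hex": p.hex()} for p in op_return_pushes(script_hex)]

# Constructed sample scripts (not taken from any real transaction).
SAMPLES = {
    "text_note": "6a0568656c6c6f",                       # OP_RETURN "hello"
    "binary_blob": "6a4c50" + bytes(range(80)).hex(),    # OP_RETURN, PUSHDATA1, 80 bytes
    "p2pkh": "76a914" + "11" * 20 + "88ac",              # ordinary payment script
}

if __name__ == "__main__":
    for name, script in SAMPLES.items():
        print(name, triage(script))
```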

Summary

Security Warning: Bitcoin Blockchain Hijacked By A New Strain Of Malware

Author

Dare Shonubi

Publisher Name

Coingape
