The cybersecurity division of BlackBerry, a former smartphone giant, has highlighted the most notorious malware families targeting cryptocurrencies.
According to its ‘Global Threat Intelligence Report’, published Thursday, BlackBerry stopped over 1.5 million cyberattacks between March and May, attacks that hit the finance, healthcare and government sectors hard.
“During this reporting period, BlackBerry telemetry observed a continuous trend in the use of commodity malware such as RedLine, which can harvest information including saved credentials, credit card information, and cryptocurrency,” the report noted.
Malware families including SmokeLoader, RaccoonStealer and Vidar have been specifically designed to hijack computers for crypto mining or theft.
For instance, SmokeLoader, a rogue financial tool, was primarily used by Russia-based bad actors to load an array of malware including crypto miners. RaccoonStealer is yet another malware “that obtains browser cookies, passwords, auto-fill web browser data, and cryptocurrency wallet data.” This malware is reportedly being sold across the dark web.
Vidar, which usually targets the Linux operating system, extracts information from cryptocurrency wallets and exchanges. BlackBerry advised several organizations to regularly apply security patches to protect against hackers trying to exploit the Linux OS for crypto mining.
“Vidar harvests banking information, browser credentials, and cryptocurrency wallets, as well as standard files,” the company wrote.
Perpetrators apparently introduced the Prometei botnet, which has been active since at least 2020, to Linux-based servers to mine cryptocurrencies like Monero. This tool was particularly difficult to trace and stop, given Prometei’s advanced features that use