Free BTC in exchange for a Trojan that steals passwords

Websites offering free Ethereum are advertising a new fraudulent scheme whose lure is an unprecedentedly generous free distribution of bitcoin.

The new crypto scam was discovered by an independent security researcher known on Twitter as Frost.

The scammers offer $5-30 in free bitcoins a day; you just need to run a program called Bitcoin Collector. In fact, when the gullible freebie hunter presses the button, malware is installed on the device: a Trojan that steals passwords.

A similar program can be found on fraudulent sites (e.g. ethmoney.club) that offer 3 ETH to those who successfully attract 1,000 new visitors.

Clicking the advertisement mentioned above, “earn $15-45 daily FREE BTC and automatically”, takes you to another page containing a link to download the Bitcoin Collector program.

To mislead users, a link to the free scanner VirusTotal is placed next to the button, as if to convince people that they risk nothing and their safety is guaranteed.

TL;DR: the link downloads a Trojan file that infects the computer and automatically runs a malicious program.

An earlier version used a HiddenTear-based ransomware called “Marozka Tear Ransomware”, which displayed the following message when run:

“All the information on your computer has been encrypted using a special algorithm, and the files are formatted in a special way. It can be restored only with a password that only we know; guessing it is impossible. Reinstalling the OS will have no effect, and no system administrator in the world will solve this problem without knowing the password. You should not modify the files, but you can back them up. Write to us by email to make things right. The 48-hour countdown has started; if the files are not decrypted within the specified time, they will be removed”.

According to the BleepingComputer team, the latest version is more dangerous because the built-in Trojan is capable of stealing credentials for visited websites, taking screenshots, collecting browser history, and stealing files and cryptocurrency wallet keys from the infected computer.
