Trustwave Spiderlabs Researchers Warn of New Strain of Malware That Drains Crypto Funds
According to researchers at Trustwave Spiderlabs, a strain of malware known as Rilide is believed to be helping cybercriminals steal funds from cryptocurrency exchanges. Although the steps being taken to tackle this malware are likely to make life more difficult for cybercriminals, two researchers — Pawel Knapczyk and Wojciech Cieslak — said this alone may not be enough to “solve the issue entirely.”
Malicious Browser Extensions
Researchers at Trustwave Spiderlabs recently said they discovered a new strain of malware which clandestinely draws funds from crypto wallets. According to the researchers, the malware, known as Rilide, is thought to disguise itself as a legitimate Google Drive extension. Besides giving cybercriminals the ability to monitor the browsing history of their targeted victims, Rilide enables the injection of “malicious scripts to steal funds from cryptocurrency exchanges.”
In their blog post published on April 4, the two researchers Pawel Knapczyk and Wojciech Cieslak concede that Rilide is not the first malware to use malicious browser extensions. However, the researchers said they have seen how the malware tricks users before it drains funds from their respective crypto wallets.
“Where this malware differs is it has the effective and rarely used ability to utilize forged dialogs to deceive users into revealing their two-factor authentication (2FA) and then withdraw cryptocurrencies in the background,” the researchers argued.
While steps such as the pending enforcement of the so-called manifest v3 are expected to make life a little more difficult for cybercriminals, Knapczyk and Cieslak assert that this alone may not be enough “to solve the issue entirely as most of the functionalities leveraged by Rilide will still be available.”
Meanwhile, in their warning to users, the two researchers reiterated the importance of remaining “vigilant and sceptical” each time they received unsolicited emails. They added that users must “never assume that any content on the internet is safe, even if it appears to be.” Similarly, users should always strive to stay informed and educated about the latest events in the cybersecurity industry.
Tags in this story Cyber crimes, cybersecurity, Malware, Pawel Knapczyk, phishing attacks, Wojciech Cieslak
What are your thoughts on this story? Let us know what you think in the comments section below.
FBI Warns About Cryptocurrency Theft Scams Using Play-to-Earn Games SECURITY | Mar 13, 2023 Ransomware Revenue Drops as Victims Pay Less Often, Chainalysis Reports SECURITY | Jan 21, 2023
Image Credits: Shutterstock, Pixabay, Wiki Commons
Tucker Carlson Blames Recent De-Dollarization Movements on Russian Sanctions and US Dollar Weaponization
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.
Read disclaimerShow comments
More Popular News
In Case You Missed It
Ripple CEO: SEC Lawsuit Over XRP ‘Has Gone Exceedingly Well’
The CEO of Ripple Labs says that the lawsuit brought by the U.S. Securities and Exchange Commission (SEC) against him and his company over XRP “has gone exceedingly well.” He stressed: “This case is important, not just for Ripple, it’s … read more.
Tony Hawk’s Latest NFTs to Come With Signed Physical Skateboards Fidelity Investments Launches Crypto, Metaverse ETFs — Says ‘We Continue to See Demand’ Bitcoin ATM Operator Indicted in New York Allegedly Running Illegal Business Attracting Criminals Ethereum Foundation’s Financial Report Discloses It Holds $1.6 Billion in Assets, 80.5% Held in Ether