ElectroRAT: New Malware Targets Crypto Users on Windows, Linux, and Mac Devices

Over the past year, the cryptocurrency industry has gained a massive amount of growth in adoption, development, and awareness. This, on the other hand, has called the attention of malicious people, who are targeting cryptocurrency users with lots of fake and trojanized applications.

In a recent report, the cybersecurity researchers at Intezer informed about a so-called ElectroRAT malware, which has been developed to steal cryptocurrencies from popular operating systems. 

ElectroRAT targets multiple operating systems

According to the cybersecurity researchers, the malware is estimated to have been active since January 2020, although they only learned about it in December.

So, over the estimated time, the wide-ranging malicious operation with malware has been to steal private keys to cryptocurrency from affected users. “This extensive operation is composed of a full-fledged marketing campaign, custom cryptocurrency-related applications, and a new Remote Access Tool (RAT) written from scratch,” they wrote. 

ElectroRAT is designed to run with three different malicious applications for several operating systems, precisely Windows, Linux, and Mac.

For this reason, the malware is able to target cryptocurrency users on these popular operating systems. However, crypto users can only be affected if they download the malicious applications, which the attackers promote as a very successful trading instrument or a medium for processing several crypto transactions from a single interface.

Thousands Already Affected by ElectroRAT

By estimation, the researchers said in the report that thousands of cryptocurrency users have been infected with the ElectroRAT malware. This is “based on the number of unique visitors to the pastebin pages used to locate the command and control servers.”

One safety rule for keeping crypto is to not download any related, and unknown application pitched on any platform without thorough research. As reported, these trojanized applications were promoted on social media platforms and online forums. Secondly, it’s also advisable not to store your private keys online.