Advertisement
Warning: New ‘BHUNT’ Malware Targets Crypto Wallets and Passwords
Research done by cybersecurity company Bitdefender has found a new kind of “cryptocurrency stealer” called BHUNT, a form of malware that infiltrates wallet files and other sensitive information in the browser to access a personal wallet and transfer funds to the attackers’ wallet(s).
In a recent whitepaper, Bitdefender’s senior security researcher Janos Gergo Szeles details how BHUNT works. Similar to CryptBot, Redline Stealer and WeSteal, the malware slips in with downloads of cracked or unsecured software in order to gain access to a wallet’s seed or configuration file.
Seven Different Wallets Affected
The document states that BHUNT can exfiltrate contents from Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin and Litecoin wallets along with passwords stored in the browser and phrases used to recover accounts. With information such as this, a hacker can then easily access and transfer crypto straight out of a target’s wallet.
While the malware primarily focuses on stealing information related to cryptocurrency wallets, it can also harvest passwords and cookies stored in browser caches,
Janos Gergo Szeles, senior software engineer, Bitdefender
Hackers and the like have even started targeting Discord servers of crypto and NFT communities to let loose ‘Babadeda’ malware disguised as a legitimate app.
Prevention Better Than Cure
At the moment countries with the highest infection rates include Australia, Egypt, Germany, India, Indonesia, Japan, Malaysia, Norway, Singapore, South Africa, Spain and the US.
As the virus spreads, users should be aware that they could compromise their private information as well as their crypto wallets. By downloading software from unknown vendors, people can potentially expose themselves to malware. This is why it’s important to keep security software up to date to block the installation of unwanted software.
Janos Gergo Szeles, senior software engineer, Bitdefender
The most effective way to defend against this threat is to avoid installing software from untrusted sources and to keep security solutions up to date.
Author
Robert Drage
Robert is a freelance researcher, with a background in information science currently interested in blockchain technology and technical developments in the field.
