BluStealer: the clever malware that steals your cryptocurrencies
No matter how evil thieves are, we can only respect their imagination and the efforts they make to adapt to changes in society. A few years ago, they stole your wallet in the street. In 2021, it's the same story, but a little more virtual. Beware for your cryptocurrencies: they could disappear if you have the misfortune to fall for the scheme we are talking about today.
Deja vu malware
At present, Crypto.com believes that there are roughly 100 million people around the world who own virtual currencies. That is a huge pool of potential victims for hackers, who don't discriminate and never leave anyone behind. A new threat has been brought to light by researchers at Avast, the IT security specialist that no longer needs an introduction. This time it takes the form of a spam campaign that, for the moment, mainly affects the United States, the United Kingdom, Spain, Italy, Argentina, Greece, Turkey, the Czech Republic and Romania.
It all starts with a message that appears to come from DHL. The customer is informed that their parcel could not be delivered. To reschedule the delivery, the future victim must complete a form that is attached to the fraudulent e-mail. If they are unfortunate enough to just click on it, the BluStealer malware, cleverly paired with a .NET Loader module, is installed automatically on their computer. From there, the attacker is in place and begins to rub his hands together.
When the key breaks
Once settled on your hard drive, the "keylogger" malware records all the keystrokes you make on your keyboard, but not just that. It can also download documents from your computer. More annoying for those who own cryptocurrencies, it is quite able to steal private keys and credentials directly from wallets. Once that is done, it is even possible that the victim will be blocked from accessing the wallet. If you keep your virtual cash at ArmoryDB, Bytecoin, Jaxx Liberty, Exodus, Electrum, Atomic, Guarda or Coinomi, know that you are not immune. BluStealer, which therefore has many qualities (at least if we side with the thieves), can also replace the addresses you copied to your clipboard with others. In this way, without your realizing it, each money transfer is no longer made to your account, but directly to that of the hacker.
Given how much cryptocurrency is on the rise, it is likely that this malicious practice will spread more and more, even in France, in the coming weeks. All the more reason to redouble vigilance so that BluStealer does not do damage that will be very complicated to repair.
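The clipboard address replacement described above leaves a recognizable trace: one wallet address in the clipboard is replaced by a different address of the same type almost immediately. The Python below is an added example, not code from Avast or from this article; the function names, the 2-second threshold, the format-only address patterns (Bitcoin and Ethereum shapes, no checksum validation) and the sample clipboard history are all assumptions made for illustration.

```python
import re

# Format-only shapes for common address types (assumption: no checksum check).
ADDRESS_PATTERNS = {
    "btc-base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "btc-bech32": re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"),
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
}

def classify(text):
    """Return the address family if text is exactly one wallet address, else None."""
    value = text.strip()
    for family, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(value):
            return family
    return None

def find_swaps(events, max_gap=2.0):
    """Flag suspicious swaps in a clipboard history.

    events: time-ordered list of (timestamp_seconds, clipboard_text).
    Heuristic: an address replaced by a *different* address of the same
    family within max_gap seconds is unlikely to be a human copy action.
    """
    alerts = []
    prev = None  # (timestamp, family, value) of the previous clipboard state
    for ts, text in events:
        value = text.strip()
        family = classify(value)
        if (prev and family and prev[1] == family
                and prev[2] != value and ts - prev[0] <= max_gap):
            alerts.append({"time": ts, "family": family,
                           "copied": prev[2], "now": value})
        prev = (ts, family, value)
    return alerts

# Constructed clipboard history (not real wallet addresses).
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "a" * 40),   # user copies a destination address
    (10.3, "0x" + "b" * 40),   # replaced 0.3 s later: flagged
    (60.0, "1" + "A" * 33),    # user copies another address
    (95.0, "3" + "B" * 33),    # 35 s later: ordinary copy, not flagged
    (120.0, "0x" + "a" * 40),
    (120.2, "0x" + "a" * 40),  # same value re-copied: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print("possible clipboard hijack:", alert)
```

Whatever a monitor reports, the pasted address should still be compared with the intended one before a transfer is confirmed.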
How to protect your cryptocurrencies?
No one is safe when it comes to malware, although with a little savvy BluStealer victims could have avoided the worst. Beyond that, there are two schools of thought when it comes to holding Bitcoin and other cryptocurrencies. The first is to trust your exchange. One example is Coinhouse, which is the first player registered with the AMF, the authority that regulates the financial markets in France. If you are going to use a service of this kind, you might as well choose a French site that has all the guarantees of a serious platform. With them the commissions are fixed and it is possible to pay by credit card or by transfer. The icing on the cake is that the platform can hold your cryptocurrencies for free.
But if you don't trust an exchange, there's nothing stopping you from buying your cryptoassets on Coinhouse and transferring them to a hardware wallet like the Ledger Nano USB sticks. It is a much better solution than software wallets like Jaxx or Coinomi, since the key is not stored on your computer but in a tamper-proof electronic chip. Worried about losing that USB key or having it stolen? No problem, since the Ledger Nano devices have a unique recovery phrase method.