Masaüstü Reklam
Eset Kripto Para Calan Sahte Whatsapp Ve Telegram Uygulamalari Tespit Etti 6802.jpg

ESET detects fake WhatsApp and Telegram apps stealing cryptocurrencies

ESET Research detects WhatsApp and Telegram apps that steal cryptocurrencies and contain trojans with new features

Cybersecurity company ESET has detected the first instance of a malware called clipper, which is embedded in instant messaging applications and can retrieve information from the display clipboard. Threat actors enable users to download Telegram and WhatsApp applications, modified by incorporating Trojan horses, on their Android and Windows devices via fake websites.

Thanks to these fake apps, they can track victims’ cryptocurrencies. The malware can replace the cryptocurrency wallet addresses sent by the victim from the chat application with the addresses belonging to the attacker. They can abuse optical character recognition to extract text from the display clipboard and steal account recovery codes for the cryptocurrency wallet.

ESET researchers have identified trojanized versions of WhatsApp and Telegram apps, as well as dozens of copycat websites for those instant messaging apps specifically targeting Android and Windows users. Most of the detected malware is clipper, a type of malware that steals or alters clipboard contents. All of the software in question tries to steal victims’ cryptocurrencies, while some target cryptocurrency wallets. For the first time, ESET Research has detected Android-based clipper software specifically targeting instant messaging apps. Also, some of these apps use optical character identification (OCR) to extract text from screenshots saved on compromised devices. This is another first for Android-based malware.

Scammers are trying to seize cryptocurrency wallets via instant messaging apps

When the language used in the imitation applications was examined, it was revealed that the people using these software were especially targeting Chinese-speaking users. Since the use of both Telegram and WhatsApp in China has been prohibited since 2015 and 2017, respectively, people who wanted to use these applications had to resort to indirect means. The threat actors in question first set up Google Ads, which redirects them to fake YouTube channels, and then redirects users to copycat Telegram and WhatsApp websites. ESET Research reported the fake ads and related YouTube channels to Google, and Google immediately discontinued all of these ads and channels.

ESET researcher Lukáš Štefanko, who detected Trojan-hidden applications, said: “The main purpose of the clipper software we detected is to intercept the victim’s messages and replace the sent and received cryptocurrency wallet addresses with the addresses belonging to the attacker. Besides the trojan-disguised Android-based WhatsApp and Telegram apps, we also detected trojan-hidden Windows versions of the same apps.”

Trojan-disguised versions of these apps have different features, although they serve the same purpose. The reviewed Android-based clipper software is the first Android-based malware to use OCR to read text from screenshots and photos stored on the victim’s device. OCR is used to find and play the key phrase. The key phrase is a mnemonic code, a set of words used to recover cryptocurrency wallets. As soon as the malicious actors get hold of the key phrase, they can directly steal all the cryptocurrencies in the respective wallet.

The malware replaces the victim’s cryptocurrency wallet address with the attacker’s chat address. It does this with addresses either directly in the program or dynamically obtained from the attacker’s server. In addition, the software monitors Telegram messages to detect specific keywords related to cryptocurrencies. As soon as the software detects such a keyword, it forwards the entire message to the attacker’s server.

ESET Research has detected Windows-based Telegram and WhatsApp installers containing remote access trojans (RATs), as well as Windows versions of these wallet address-altering clipper software. Based on the application model, it was discovered that one of the Windows-based malicious packages is not clipper software, but RATs that can take complete control of the victim’s system. Thus, these RATs can steal cryptocurrency wallets without intercepting the application flow.

Lukáš Štefanko advises: “Install apps only from reliable and reliable sources, such as Google Play Store, and do not store unencrypted pictures or screenshots containing important information on your device. If you think you have a Trojan-disguised Telegram or WhatsApp application on your device, manually uninstall these applications from your device and download the application either from Google Play or directly from the legitimate website. If you suspect you have a malicious Telegram app on your Windows-based device, use a security solution that detects and removes the threat. The only official version of WhatsApp for Windows is currently available in the Microsoft store.”

Source: (BYZHA) – Beyaz News Agency

Masaüstü Reklam

The Bağ 2 Exhibition Meets Art Enthusiasts In En Passant Istanbul
The “Bağ 2” Exhibition Meets Art Enthusiasts in EN PASSANT Istanbul
Çubuklu Sevda A Tale Of Fenerbahçe And Love By Hakan Altıner
Çubuklu Sevda: A Tale of Fenerbahçe and Love by Hakan Altıner
A Deep Analysis Of Cinema And Esotericism By Eray Emin Aydemir
A Deep Analysis of Cinema and Esotericism by Eray Emin Aydemir
The Evolution Of Art, Episode 35 – Bünyamin Özgültekin, Eylül Aşkın – Evrim Sanat, Mikado İletişim
The Evolution of Art, Episode 35 – Bünyamin Özgültekin, Eylül Aşkın – Evrim Sanat, Mikado İletişim
New Novel “sayina” A Migration Story In Crimea During World War Ii
New Novel “Sayina”: A Migration Story in Crimea During World War II
The Star Of The 14th Phaselis Festival, İlyun Bürkev, To Perform A Concert At Akm
The Star of the 14th Phaselis Festival, İlyun Bürkev, to Perform a Concert at AKM
Port Sessions Akustikhane Will Offer Music Filled Moments At Galataport Istanbul On October 12 13.
Port Sessions Akustikhane will offer music-filled moments at Galataport Istanbul on October 12-13.
Emre Öztürk For Society To Understand What It Sees, It Needs To Read Special Interview With Eylül Aşkın
Emre Öztürk: “For society to understand what it sees, it needs to read” – Special Interview with Eylül Aşkın
Ii. International Mythology Film Festival Awards Find Their Recipients
II. International Mythology Film Festival Awards Find Their Recipients
The Sonata Of Daylight Exhibition The Psychological Reflections Of The Pandemic Meet With Art
“The Sonata of Daylight” Exhibition: The Psychological Reflections of the Pandemic Meet with Art
The Dance Of Progressive Rock And Contrasts In Başak Yavuz's Raum 610 Album
The Dance of Progressive Rock and Contrasts in Başak Yavuz’s Raum 610 Album
Enjoy Fun Events At Hillside Live After Dinner At Minoa Village And Itsumi So
Enjoy Fun Events at Hillside LIVE After Dinner at Minoa Village and Itsumi So
The Healing World Of Color Therapy New Content In The Book Journey To Your Color
The Healing World of Color Therapy: New Content in the Book “Journey to Your Color”
Selhan Özdemir Discusses Her Breast Cancer Diagnosis And Treatment Process. Exclusive Interview With Eylül Aşkın…
Selhan Özdemir Discusses Her Breast Cancer Diagnosis and Treatment Process. Exclusive Interview with Eylül Aşkın…
Çiğdem Yorgancıoğlu & Yasin Kasırga At Chi Ci Talks Energy
Çiğdem Yorgancıoğlu & Yasin Kasırga at Chi Ci Talks Energy
Why Are Thyroid Diseases More Common In Women Dr. Erdem Türemen
Why Are Thyroid Diseases More Common in Women? Dr. Erdem Türemen
Art's Evolution, Episode 34 – Mustafa Vural, Eylûl Aşkın – Evolution Art, Mikado Communication
Art’s Evolution, Episode 34 – Mustafa Vural, Eylûl Aşkın – Evolution Art, Mikado Communication
The Star Of The Film 'Ölümcül Davet Deadly Invitation,' İlkin İrem Bulut, Is Preparing For Television Projects.
The star of the film ‘Ölümcül Davet-Deadly Invitation,’ İlkin İrem Bulut, is preparing for television projects.
Stories From Gaza By Michel Khleifi At The International Friendship Short Film Festival
Stories from Gaza by Michel Khleifi: At the International Friendship Short Film Festival
Yasin Kaplan’s New Book How To Use Artificial Intelligence In Digital Marketing
Yasin Kaplan’s New Book: How to Use Artificial Intelligence in Digital Marketing?
Haluk Özkan’s First Novel A Story In The Shadow Of The 1980s With Uyanış
Haluk Özkan’s First Novel: A Story in the Shadow of the 1980s with “Uyanış”
10 Years Of Success In The Automotive Sector Filo Broker Celebrated With A Special Event
10 Years of Success in the Automotive Sector: Filo Broker Celebrated with a Special Event
Sabiha Asfuroğlu Abbasoğlu We Did Not Give Up; We Will Not Give Up! The Museum Hotel Is Back In Service.
Sabiha Asfuroğlu Abbasoğlu: “We did not give up; we will not give up!” The Museum Hotel is back in service.
The Talking Letters Exhibition In Istanbul Masters From Art, Education, And Medicine Wrote To The Youth
The “Talking Letters” Exhibition in Istanbul: Masters from Art, Education, and Medicine Wrote to the Youth
Caner Kemahlıoğlu's Orientalist Touches The Enchantment Of Historical Jewelry Exhibited In Tokat
Caner Kemahlıoğlu’s Orientalist Touches: The Enchantment of Historical Jewelry Exhibited in Tokat
Türkiye News Portal Logo
Turhapo Logo
Türkiye Haber Portalı Logo