The Qulab information-stealing and clipboard hijacker trojan is being propagated on YouTube via fraudulent videos about an allegedly free bitcoin generator, BleepingComputer reports on May 29.According to the report, security researcher Frost reached out to BleepingComputer about the trojan scam, saying that YouTube would take down the fraudulent videos when reported, but new accounts and videos would subsequently pop up with the same MO.The videos reportedly describe a tool that lets users earn free bitcoin, with a link in the video description.
The links then direct to a download for the alleged tool, which is the Qulab trojan.
The trojan actually needs to be installed in order for it to be deployed.
In addition to attempting to steal a plethora of user information, the Qulab trojan will also reportedly attempt to sneakily steal cryptocurrency for the bad actor by scanning for strings copied to the Windows clipboard which the program recognizes as crypto addresses, and then substituting in the attacker's address instead.If a user pastes that string into a website field to specify where their funds are spent, they will paste in the attacker's string instead and direct the funds there.
The warning indicates that this is a viable strategy, since users are reportedly unlikely to remember or visually register that their intended crypto address - a long string of characters - has been swapped out for a different one.
According to a report by Fumko, there is a long list of crypto addresses the trojan can recognize, including ones for bitcoin, bitcoin cash, cardano, ether, litecoin, monero, and more.
As previously reported by Cointelegraph, YouTube purportedly advertised malware disguised as an advertisement for bitcoin wallet Electrum in March.
"The malicious advertisement is disguised to look like a real Electrum advertisement It even tells you to go to the correct link in the video but when you click on the advertisement it immediately starts downloading the malicious EXE file. As you can see in the image, the URL it sent me to is elecktrum.org, not electrum.org."
'Free Bitcoin' Scam Propagated on YouTube Steals Crypto via Clipboard Hijacking
gepubliceerd op May 29, 2019
by Cointele | gepubliceerd op Coinage
Coinage
Vermeld in dit artikel
Recent nieuws
Alles zien
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.