A deadly strain of malware is hitting the bitcoin blockchain. Known as Glupteba malware, it uses the bitcoin network to resist potential attacks, according to cybersecurity researchers.
Glupteba Isn’t Going Anywhere
Glupteba is dangerous because it uses the blockchain to update itself. This means that regardless of how the blockchain changes or grows in the future, the malware changes with it, so it can continue to run even if it’s blocked by a device’s antivirus software.
First discovered in late 2018, the malware spreads to mobile or computer devices through script advertising. It can steal website cookies, browsing history, passwords and account names, along with other personal information that is often shared between websites and internet sources.
However, researchers also say it is being used to mine the Monero currency, which makes it a form of cryptojacking software. Cryptojacking has become a highly popular method amongst hackers looking to obtain coins and digital assets that aren’t theirs. The malware infects a computer system, which allows the hacker in question to utilize someone’s computer to mine cryptocurrencies without the original owner’s permission or knowledge.
Typically, Monero is the cryptocurrency of choice amongst hackers who employ cryptojacking methods, given its quasi-anonymous properties. All the while, the hacker is mining new coins and making a solid profit while the original owner earns nothing, unless one counts the high energy bills that they’re forced to pay each month.
Lastly, researchers claim that the malware can potentially be used to infiltrate people’s Instagram accounts. It also utilizes the Electrum bitcoin wallet to transfer any funds a hacker may have mined or stolen and to gain access to additional systems.
Trend Micro researchers explain:
“This technique makes it more convenient for the threat actor to replace command and control servers. If they lose control of a command and control server for any reason, they simply need to add a new bitcoin script and the infected machines obtain a new command and control server by decrypting the script data and reconnecting.”
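For an analyst triaging a transaction that a suspect host was seen fetching, the sketch below pulls the data pushes out of a bitcoin output script and flags those that look like ciphertext rather than a text memo. It is an added example, not code from the article or from Trend Micro; it assumes the data sits in an OP_RETURN output, which the article does not specify, and the function names, thresholds and sample scripts are constructed for illustration.

```python
import math

OP_RETURN, OP_PUSHDATA1, OP_PUSHDATA2 = 0x6A, 0x4C, 0x4D

def op_return_payloads(script_hex):
    """Data pushes following OP_RETURN; [] if the script is not an OP_RETURN output."""
    script = bytes.fromhex(script_hex)
    if not script or script[0] != OP_RETURN:
        return []
    pushes, i = [], 1
    while i < len(script):
        op, i = script[i], i + 1
        if 1 <= op <= 75:                      # opcode itself is the push length
            size = op
        elif op in (OP_PUSHDATA1, OP_PUSHDATA2):
            width = 1 if op == OP_PUSHDATA1 else 2
            if i + width > len(script):
                raise ValueError("length field truncated")
            size = int.from_bytes(script[i:i + width], "little")
            i += width
        else:
            break                              # not a data push: stop parsing
        if i + size > len(script):
            raise ValueError("push runs past end of script")
        pushes.append(script[i:i + size])
        i += size
    return pushes

def randomness(data):
    """Shannon entropy divided by the maximum possible for this length (0.0 to 1.0)."""
    n = len(data)
    if n < 2:
        return 0.0
    h = -sum(c / n * math.log2(c / n) for c in (data.count(b) for b in set(data)))
    return h / min(8.0, math.log2(n))

def triage(script_hex, min_len=16, min_randomness=0.9):
    """(payload hex, randomness) for pushes that look like ciphertext, not a text memo."""
    return [(p.hex(), round(randomness(p), 2))
            for p in op_return_payloads(script_hex)
            if len(p) >= min_len and randomness(p) >= min_randomness]

# Constructed samples, not taken from any real transaction.
SAMPLE_MEMO = "6a17" + b"hello world hello world".hex()                     # text memo
SAMPLE_BLOB = "6a20" + bytes((i * 37 + 11) % 256 for i in range(32)).hex()  # opaque data
SAMPLE_P2PKH = "76a914" + "00" * 20 + "88ac"                                # ordinary payment

if __name__ == "__main__":
    for name, s in [("memo", SAMPLE_MEMO), ("blob", SAMPLE_BLOB), ("p2pkh", SAMPLE_P2PKH)]:
        print(name, triage(s))
```

A flagged payload is only a lead: short random-looking data also appears in legitimate timestamping and token protocols, so correlate it with which process on the host requested the transaction.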
Maybe Safety Needs to Be Boosted
Command and control servers are centralized systems that issue commands to infected devices, thereby allowing the malware to move about freely.
Recently, legendary investor Mark Mobius claimed that the blockchain wasn’t as safe as we all thought, and after reading this story, it’s easy to see he’s probably right. While the bitcoin blockchain is often touted as one of the most secure forms of new technology to exist today, the crypto market is still fraught with problems that can potentially lead one’s private data to wind up in the wrong hands. Malware seemingly has a way of appearing when we least expect it and in ways we’re not used to.