Hacking and malware have always been among the main concerns in the cryptocurrency space. Recently, Unit 42, a research division of Palo Alto Networks, detected malware targeting two Israeli fintech and cryptocurrency trading software companies. The malware in question was Cardinal RAT, a Remote Access Trojan that was initially discovered in 2017.
The report by Unit 42 read,
“This malware family had remained undetected for over two years and was delivered via a unique downloader named Carp Downloader.”
According to the report, the research division had continued to keep tabs on the malware since it was first discovered, which was the main reason it was able to discover “a series of attacks using an updated version of Cardinal RAT.” The report further stated that there were a “series of modifications” in the RAT, which could have been made in order to “evade detection” and to hinder analysis.
The report added,
With this malware, the attacker can gain access to the victim’s personal information, capture screenshots, clean cookies from the browser, uninstall itself from the victim’s device, execute commands, recover passwords, download and execute new files, and update settings.
Although details of the two companies, which build software for Forex and cryptocurrency trading firms, have not been disclosed, the implications of this malware attack could be disastrous. How severe they are depends on the platforms’ main operations, such as whether they had customer information stored on their devices.
In a statement to The Next Web, Unit 42 stated “that the malicious files find their way onto machines through lure documents attached to spam messages that were sent to individuals thought to operate as Forex and cryptocurrency traders.”