uTalk

Official forum for Utopia Community


#1 2023-04-04 15:30:04

IyaJJJ
Member
Registered: 2023-01-25
Posts: 2,082

The OpcJacker malware steals cryptocurrency and targets users with a b

As a cryptocurrency enthusiast, it is never a good idea to use free or cheap tools (internet security/antivirus, VPN, etc.). If you don't have the funds for a VPN, make use of the UtopiaP2P application client.

Since the second half of 2022, a new type of information-stealing malware, OpcJacker, has been discovered as part of a malicious ad campaign, Trend Micro researchers Jaromir Horejsi and Joseph C. Chen said.

The campaign's initial vector was a network of fake websites promoting seemingly harmless software and cryptocurrency-related applications. The February 2023 campaign specifically targeted Iranian users by offering VPN services.

The installation file acts as a conduit for deploying OpcJacker, which is also capable of delivering next-level payloads such as NetSupport RAT and hidden Virtual Network Computing (hVNC) variants for remote access. OpcJacker hides using an encryption called Babadeda and uses configuration files to enable data collection capabilities. It can also run arbitrary shellcode and executables.

"The configuration file format resembles bytecode written in user-defined machine language, where each instruction is parsed, individual opcodes are extracted, and special handlers are executed," Trend Micro said.

Given the malware's ability to steal cryptocurrency funds from wallets, it is suspected that these actions are financially motivated. However, OpcJacker's versatility makes it an ideal malware loader.

Securonix reveals details of an ongoing campaign called TACTICAL#OCTOPUS that targets US entities using tax-related decoys by infecting them with a backdoor to gain access to the victim's system and capture clipboard data and keystrokes.

In a related development, Italian and French users searching YouTube for hacked versions of computer maintenance software such as EaseUS Partition Master and Driver Easy Pro were redirected to a Blogger page distributing the NullMixer dropper.

NullMixer also excels at simultaneously removing a variety of pre-existing malware, including PseudoManuscrypt, Raccoon Stealer, GCleaner, Fabookie, and a new malware loader called Crashtech Loader, resulting in massive infections.

Last edited by IyaJJJ (2023-04-04 15:30:21)


#2 2023-04-04 20:36:30

CrytoCynthia
Member
Registered: 2022-11-19
Posts: 3,193

Re: The OpcJacker malware steals cryptocurrency and targets users with a b

Well, what cryptocurrency users fail to do is to designate their tools. I don’t use the device I use for cryptocurrency and use the same tools for my personal life. I draw a line between the two and this has really helped me stay safe.


#3 2023-04-04 23:50:23

joanna
Member
Registered: 2023-01-10
Posts: 3,896

Re: The OpcJacker malware steals cryptocurrency and targets users with a b

CrytoCynthia;6734 wrote:

Well, what cryptocurrency users fail to do is to designate their tools. I don’t use the device I use for cryptocurrency and use the same tools for my personal life. I draw a line between the two and this has really helped me stay safe.

Could you explain better what you mean, for me to understand you very well, because my own belief is to never use free and untrusted applications. Make use of a good antivirus and privacy service.


#4 2023-04-05 21:13:23

KingCRP
Member
Registered: 2023-01-06
Posts: 1,054

Re: The OpcJacker malware steals cryptocurrency and targets users with a b

joanna;6795 wrote:
CrytoCynthia;6734 wrote:

Well, what cryptocurrency users fail to do is to designate their tools. I don’t use the device I use for cryptocurrency and use the same tools for my personal life. I draw a line between the two and this has really helped me stay safe.

Could you explain better what you mean, for me to understand you very well, because my own belief is to never use free and untrusted applications. Make use of a good antivirus and privacy service.

Well, most applications we use right now are free if we are being honest, like our WhatsApp, Facebook and so on, which were gotten free, so are you not making use of such applications?


#5 2023-04-06 22:25:27

thrive
Member
Registered: 2023-01-04
Posts: 2,575

Re: The OpcJacker malware steals cryptocurrency and targets users with a b

KingCRP;6857 wrote:
joanna;6795 wrote:
CrytoCynthia;6734 wrote:

Well, what cryptocurrency users fail to do is to designate their tools. I don’t use the device I use for cryptocurrency and use the same tools for my personal life. I draw a line between the two and this has really helped me stay safe.

Could you explain better what you mean, for me to understand you very well, because my own belief is to never use free and untrusted applications. Make use of a good antivirus and privacy service.

Well, most applications we use right now are free if we are being honest, like our WhatsApp, Facebook and so on, which were gotten free, so are you not making use of such applications?

It's hard to see any internet user that's not using a free application, according to my understanding based on the years I have spent on the internet.


#6 2023-04-06 22:26:02

joanna
Member
Registered: 2023-01-10
Posts: 3,896

Re: The OpcJacker malware steals cryptocurrency and targets users with a b

thrive;7042 wrote:
KingCRP;6857 wrote:
joanna;6795 wrote:

Could you explain better what you mean, for me to understand you very well, because my own belief is to never use free and untrusted applications. Make use of a good antivirus and privacy service.

Well, most applications we use right now are free if we are being honest, like our WhatsApp, Facebook and so on, which were gotten free, so are you not making use of such applications?

It's hard to see any internet user that's not using a free application, according to my understanding based on the years I have spent on the internet.

You both appear not to understand what I am talking about when I said free application. I was talking about the use of free VPN, antivirus, and other applications that somehow provide security.
