Hackers are stealing cryptocurrency by exploiting typing errors
ADVERTISEMENT
A group of hackers exploited typos in order to introduce malware into Android phones and Windows-based PCs. According to a Cyble report, hackers are obtaining data and private keys from unsuspecting users by using a technique known as typosquatting, which entails registering domains that are strikingly similar to those of official brands of organizations.
Incorrectly typing a web domain can be costly to your wallet.
Hackers have set up a network of malware-infected domains that take advantage of users’ typing errors when trying to reach a specific website. According to research published by Cyble, a cyber security and digital risk assessment agency, these domains are imitations of well-known organizations and apps such as the Google Play Store, Apkure, and Apkcombo, among others.
Users that visit the URLs are urged to download an infected version of the app they are looking for, which will act as a vehicle for the infection. The target device, whether an Android phone or a Windows PC, will then be infected with a variant of ERMAC, a malware trojan that allows threat actors to access a variety of vital private data on the targeted device, including private keys.
The banking trojan was discovered in 2021, and it now targets over 460 applications, with attackers able to rent its services for $5,000 per month.
Hackers are targeting more sites and brands.
While the aforementioned report only discovered evidence of a small group of apps and brands being imitated, further investigation by another security source revealed that at least 27 brands and app names are being targeted by this type of attack. Tiktok Vidmate, Snapchat, Paypal, and even more developer-focused apps like Notepad+ and the Tor Browser are among them.
Cryptocurrency wallets, cryptocurrency mining, and related websites are also included. Tronlink Metamask, Phantom, Cosmos Wallet, and Ethermine are among the sites that have been targeted. To enhance the effect and damage of the attack, each of these false domains has many typo-squatted domains registered.
To avoid this type of assault, Cybel suggests installing an excellent antivirus on your phone and PC, as well as routinely monitoring your wallets and banking accounts. However, the best recommendation is to utilize a search engine to find software and app web pages rather than blog-posted directions and links displayed as part of advertising campaigns.
