Security experts from two businesses have discovered clipboard stealers disguised as cracked RATs and malware building tools, in a new example of hackers targeting hackers.
Clipboard stealers are a frequent type of malware that monitors a victim’s clipboard contents for cryptocurrency wallet addresses and replaces them with one belonging to the malware operator.
As a result, attackers may hijack financial transactions in real time and move funds to their own accounts. These stealers target the most prominent cryptocurrencies, such as Bitcoin, Ethereum, and Monero.
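The address swap described above leaves a recognisable trace on the defender's side: one wallet address replaced almost immediately by a different address of the same kind. The following detection sketch is an added example, not code from ASEC or Cyble; the clipboard event log format, the 2-second threshold and all sample addresses are assumptions constructed for illustration.

```python
import re

# Coarse format checks (no checksum validation) for the coins the article names.
# The "evm" shape also covers BSC, Polygon, Fantom, Avalanche C-Chain and Arbitrum.
ADDRESS_PATTERNS = {
    "bitcoin": re.compile(r"(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71})"),
    "evm": re.compile(r"0x[0-9a-fA-F]{40}"),
    "monero": re.compile(r"[48][0-9AB][1-9A-HJ-NP-Za-km-z]{93}"),
}

def classify(text):
    """Return the address family the whole string matches, or None."""
    for family, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(text.strip()):
            return family
    return None

def same_address(family, a, b):
    # EVM hex is case-insensitive (mixed case is only an EIP-55 checksum).
    return a.lower() == b.lower() if family == "evm" else a == b

def find_swaps(events, max_gap=2.0):
    """Flag consecutive clipboard updates where one address is replaced by a
    different address of the same family within max_gap seconds (assumed value).
    events: list of (timestamp_seconds, clipboard_text), oldest first."""
    alerts = []
    for (t0, old), (t1, new) in zip(events, events[1:]):
        old, new = old.strip(), new.strip()
        family = classify(old)
        if family is None or classify(new) != family:
            continue
        if t1 - t0 <= max_gap and not same_address(family, old, new):
            alerts.append({"time": t1, "family": family,
                           "copied": old, "replaced_by": new})
    return alerts

# Constructed sample log: placeholder addresses, valid in shape only.
SAMPLE_EVENTS = [
    (10.0, "meeting notes"),
    (42.0, "0x" + "a1" * 20),   # user copies a payee address
    (42.3, "0x" + "b2" * 20),   # replaced 0.3 s later: flagged
    (90.0, "0x" + "A1" * 20),   # 47.7 s after the previous entry: not flagged
    (90.1, "0x" + "a1" * 20),   # same address, different case: ignored
    (120.0, "1" + "B" * 33),    # Bitcoin-shaped placeholder
    (300.0, "1" + "C" * 33),    # another address minutes later: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The time window is what separates a stealer's replacement from a user who copies two different addresses in a row, so it should be tuned against real clipboard telemetry.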
Cracked RATs
On hacker sites such as ‘Russia black hat,’ ASEC researchers discovered phony offers carrying a clipboard stealer. Cracked versions of BitRAT and Quasar RAT, both commodity malware with a price tag of $20-$100, were used to entice would-be hackers.
Those who try to download any of the offered files are sent to an Anonfiles page, which downloads a RAR archive containing a malware builder.
The “crack.exe” file in these archives is actually a ClipBanker installer, which copies the malicious program to the startup folder and runs it on the first boot.
AvD Crypto Stealer is a malicious computer program that steals cryptocurrency.
Cyble’s investigators discovered an offer of a free month of AvD Crypto Stealer on a cybercrime site, leading to a second report on phony stealers.
The victims download what seems to be a malware builder and run an application called ‘Payload.exe,’ believing that this will give them free access to the crypto stealer.
Instead, running it infects their systems with a clipper that targets Ethereum, Binance Smart Chain, Fantom, Polygon, Avalanche, and Arbitrum.
Cyble found that the Bitcoin address hardcoded in this sample had received 1.3 BTC (about $54,000) from 422 hijacked transactions.
Crooks prey on other crooks
While it is common for hackers to target ordinary users, it is not uncommon to find hackers attempting to trick fellow hackers, with some success.
Inexperienced or irresponsible threat actors frequently take advantage of free malware they locate on obscure or poorly monitored websites and install it without hesitation on their PCs.
These victims may hold bitcoin earned through a variety of malicious activities.
While these campaigns do not address any of the fundamental issues that ordinary internet users face, they are yet another reason why being involved in cybercrime is a terrible decision.