Microsoft Warns of Crypto-Stealing Trojan

U.today
45 minutes ago

Microsoft's cybersecurity division has warned about a new malware campaign that specifically targets cryptocurrency investors by hijacking widely used software development tools. 


Bad actors hide malicious code in popular open-source packages to steal wallet keys and passwords. 


The modus operandi 


According to Microsoft Threat Intelligence, the attackers compromised two specific packages found on npm, which is a huge public registry widely used by developers to create applications. 



If a user or software developer inadvertently downloads these infected packages, a Remote Access Trojan (RAT) gets deployed onto their operating system.


The Trojan stealthily operates in the background to monitor the victim’s device. 


It can record keystrokes, take screenshots, scan for stored private keys, and so on.




The hackers are using an innovative method to exfiltrate the stolen data from the victim's computer.


The stolen data is routed via Hugging Face, an online platform that is very popular among artificial intelligence and machine learning developers.


Because no suspicious-looking server is involved, the stolen crypto credentials can slip past basic security software undetected.
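For defenders, the practical consequence is that domain reputation alone will not catch this traffic, so detection has to look at which process is talking to the platform and in which direction. The sketch below is an added example, not code from Microsoft or from the article; the event fields, host names, upload threshold and allowlist are all constructed assumptions rather than any product's schema.

```python
import json

# Constructed sample egress events (JSON lines). Field names are assumptions,
# not the schema of any particular EDR or proxy product.
SAMPLE_EVENTS = """\
{"ts":"2026-06-02T10:01:07Z","host":"dev-laptop-7","process":"node","parent":"npm","dest":"registry.npmjs.org","method":"GET","bytes_out":412}
{"ts":"2026-06-02T10:01:19Z","host":"dev-laptop-7","process":"node","parent":"npm","dest":"huggingface.co","method":"POST","bytes_out":183220}
{"ts":"2026-06-02T10:03:40Z","host":"ml-train-2","process":"python","parent":"bash","dest":"huggingface.co","method":"GET","bytes_out":950}
{"ts":"2026-06-02T10:05:02Z","host":"dev-laptop-9","process":"node","parent":"sh","dest":"nothuggingface.co","method":"POST","bytes_out":70000}
this line is not JSON
"""

PLATFORM = "huggingface.co"
WRITE_METHODS = {"POST", "PUT"}
JS_TOOLCHAIN = {"node", "npm", "npx", "yarn", "pnpm"}
UPLOAD_BYTES = 50_000  # assumed cut-off for "more than a small API call"


def is_platform_host(dest):
    """Exact or subdomain match only, so look-alike names do not count."""
    dest = dest.lower().rstrip(".")
    return dest == PLATFORM or dest.endswith("." + PLATFORM)


def find_suspect_uploads(log_text, ml_hosts=frozenset()):
    """Flag JavaScript-toolchain processes pushing data to the platform from
    machines that are not known ML workstations (ml_hosts is an allowlist)."""
    alerts = []
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed telemetry instead of aborting the scan
        if not isinstance(ev, dict) or not is_platform_host(str(ev.get("dest", ""))):
            continue
        from_js = {ev.get("process"), ev.get("parent")} & JS_TOOLCHAIN
        uploading = (ev.get("method") in WRITE_METHODS
                     or ev.get("bytes_out", 0) >= UPLOAD_BYTES)
        if from_js and uploading and ev.get("host") not in ml_hosts:
            alerts.append((ev.get("ts"), ev.get("host"),
                           ev.get("process"), ev.get("bytes_out")))
    return alerts
```

On the constructed sample, only the `node` process spawned by `npm` that posts about 180 KB to the platform is flagged; the Python client on the training host and the look-alike domain are not.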


A sneaky crypto miner 


Microsoft uncovered another sophisticated threat just last week, which similarly targets users of high-performance computers.


Attackers are deploying stealthy "cryptojacking" malware that hijacks a computer's processing power to secretly mine crypto.


This mining threat specifically hunts for PC gamers and hardware enthusiasts who own high-end graphics processing units (GPUs). This way, the hackers ensure they get the maximum possible crypto-mining yield.


The hackers rely on Search Engine Optimization (SEO) poisoning to push fake websites to the top of search engine results. 


