Vacum Stealer, the latest crypto-stealing malware

November 1, 2023

A malicious program called Vacum Stealer, designed to steal cryptocurrency from unsuspecting victims, is being introduced and offered for sale on a notorious hacker forum.

According to reports, attackers could covertly host the malware on phishing websites to carry out unauthorised transactions, making it a formidable threat in cybercrime. The malware developer claimed that the software can execute these transactions without additional confirmation, leaving its victims virtually defenceless. The most threatening aspect of the malware is its capability to transfer all ERC20 tokens and ETH.

The seller of Vacum Stealer is also its developer.

The individual who endorses Vacum Stealer on the dark web marketplace also claimed responsibility for its development. The alleged developer claimed to have dedicated five months of effort to creating the cryptocurrency stealer during an NFT campaign.

The malicious software is available for €250 worth of Monero, a price that could make it a massive threat to unsuspecting users since various threat actors could acquire it. Notably, the malware was endorsed by a dark web user with the alias “Mercidoctor,” who gained traction on the forum last year.

Crypto owners should understand that, according to the creator of this ETH-stealing malware, threat actors who acquire it can quickly deploy it on a website. Once in place, it presents a deceptive crypto wallet link to potential victims.

When an unsuspecting user accesses the link, the operation executes a smart contract that includes fraudulent agreements and other deceptive elements. This activates the stealing operation, which illicitly transfers all ERC20 tokens and ETH from the victim’s wallet to the attacker-controlled account.
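As an added illustration (not code from the original article or from the malware), a wallet-side check can decode a transaction request before it is signed and flag the kinds of transfer described above. It assumes the drain uses a plain ETH transfer or the standard ERC-20 `transfer`, `approve` or `transferFrom` calls, which the article does not specify; the `trusted` allowlist and all addresses are constructed.

```javascript
// Added example: constructed data, not taken from Vacum Stealer itself.
// Standard ERC-20 function selectors (first 4 bytes of calldata).
const ERC20_SELECTORS = {
  "a9059cbb": { name: "transfer", partyArg: 0, amountArg: 1 },
  "095ea7b3": { name: "approve", partyArg: 0, amountArg: 1 },
  "23b872dd": { name: "transferFrom", partyArg: 1, amountArg: 2 },
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Split the calldata that follows the selector into 32-byte (64 hex char) words.
function words(hex) {
  const out = [];
  for (let i = 0; i + 64 <= hex.length; i += 64) out.push(hex.slice(i, i + 64));
  return out;
}

// tx: { to, value, data } as in an eth_sendTransaction request.
// trusted: Set of lowercase addresses the user already trusts (hypothetical allowlist).
function reviewTransaction(tx, trusted) {
  const findings = [];
  const data = (tx.data || "0x").toLowerCase().replace(/^0x/, "");
  const value = BigInt(tx.value || "0x0");
  const to = (tx.to || "").toLowerCase();
  if (value > 0n && !trusted.has(to)) findings.push(`ETH sent to untrusted address ${to}`);
  if (data.length < 8) return findings; // plain value transfer, no function call
  const sel = ERC20_SELECTORS[data.slice(0, 8)];
  if (!sel) {
    if (!trusted.has(to)) findings.push("call to untrusted contract with unrecognised function");
    return findings;
  }
  const args = words(data.slice(8));
  if (args.length <= sel.amountArg) { findings.push(`malformed ${sel.name} calldata`); return findings; }
  const party = "0x" + args[sel.partyArg].slice(24); // address is the low 20 bytes of the word
  const amount = BigInt("0x" + args[sel.amountArg]);
  if (!trusted.has(party)) findings.push(`${sel.name} names untrusted address ${party}`);
  if (sel.name === "approve" && amount === MAX_UINT256) findings.push("unlimited token approval");
  return findings;
}

// Constructed sample: an unlimited approve() naming an address outside the allowlist.
const SAMPLE_TRUSTED = new Set(["0x" + "11".repeat(20)]);
const SAMPLE_TX = { to: "0x" + "22".repeat(20), value: "0x0",
  data: "0x095ea7b3" + "0".repeat(24) + "ab".repeat(20) + "f".repeat(64) };
console.log(reviewTransaction(SAMPLE_TX, SAMPLE_TRUSTED));
```

An empty result means none of these checks fired, not that the request is safe to sign.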

Users should exercise caution with pop-ups and unfamiliar links, even those that do not display promotions that seem too good to be true. Additionally, websites offering cryptocurrency wallet-related content may not always host authentic links and content.

Cybercriminals constantly develop adaptable malware that operates on websites while avoiding detection. It becomes increasingly challenging for users to trust random online sources for financial or personal information-related tasks.

Users should immediately report any sudden or suspicious financial transactions to relevant authorities to prevent or mitigate potential damages.
