Specialists from the company's research and intelligence division say that the attackers are targeting medium and large cryptocurrency exchanges in Mexico with gross income of $100 million or more. The hacker attack is carried out by installing a tool to steal confidential user information on the computers and databases of exchange employees under the guise of supposedly official updates. When following links, victims are taken to resources controlled by attackers.
As a tool, hackers use an open source remote access solution called AllaKore RAT.
“The AllaKore RAT payload is modified to allow attackers to track and send stolen credentials as well as unique authentication information to the command and control server,” Blackberry security experts explained.
Most of the attacks were traced to the IP addresses of the Starlink provider in Mexico. Given the use of Spanish instructions in the modified RAT payload, Blackberry experts concluded that the attackers were most likely based in Latin America.
Several years ago, smartphone manufacturer BlackBerry introduced to the crypto community its own virus-mining detection system for computers based on Intel processors.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
