Cyble: New YouTube Crypto Trojan Avoids CIS Residents

Cybersecurity experts from Cyble said that the new PennyWise malware, which steals data from crypto wallets, skips users in the CIS countries.

The PennyWise crypto trojan is designed to steal cryptocurrencies from 30 different wallets and browser extensions. The name refers to the character Pennywise the clown in Stephen King’s It. Cyble believes that this software is a real threat, including for owners of cold crypto wallets.

The data stolen from victims includes information about crypto extensions for Chromium-based and Mozilla-based browsers, as well as wallet login information. In addition, the software can take screenshots and download Telegram and Discord chats.

The program targets cold crypto wallets such as Atomic Wallet, Jaxx, Armory, Exodus, Guarda and any others that support Zcash and Ethereum. Cyble stressed that the software could be distributed through YouTube mining tutorial videos that offer free bitcoin (BTC) mining software. Attackers create entire channels with such videos. In some of them, scammers offer users a free premium subscription to Spotify.

Notably, the malware does not run if the victim's IP address is in Russia, Ukraine, Kazakhstan or Belarus.

At the beginning of the year, a digital security researcher known by the nickname 3xp0rt published a report on his blog about the new Mars Stealer malware, which, like PennyWise, skips residents of five CIS countries.

Source: Bits
