Hackers are being more and more sophisticated. Particularly in the crypto field, hackers can imbed their software and steal information. There is a new malware that can steal from your wallet without you even knowing your wallet has been hacked.
TL;DR
Disabled auto-downloading in Telegram settings to avoid the unaware download of malware and got hacked of your crypto wallet.
Here is a 1 min summary of the article if you want to skip the reading.
Echelon
This Malware steals private information from users and specifically targets crypto wallets and user accounts credentials. The software may contain multiple credential-stealing functions, domain detection, and computer fingerprinting to collect users’ credentials. It can also screenshot users’ credentials and automatically send them back to hackers. You can read the full report on how the code attack users here.
Handle @Smokes Night
Telegram group Smokes Night was reported to propagate the malware Echelon and steal credentials from user accounts and crypto-wallets. There are no other incidents revealed in the current time.
Check out my another article: Doge Starts Moving
Possible places to exploit
According to the report, here are platforms and crypto wallets that potentially be the target:
Exploited Platforms:
- Discord
- Edge
- FileZilla
- NordVPN
- OpenVPN
- Outlook
- Pidgin
- ProtonVPN
- Psi(Jabber)
- Telegram
- TotalCommander
Aimed Digital Currency Wallets:
- Armory
- AtomicWallet
- BitcoinCore
- ByteCoin
- DashCore
- Electrum
- Exodus
- Ethereum
- Jaxx
- LitecoinCore
- Monero
- Zcash
Possible upgrade with zero clicking
The current version of software may need to click and install. However, it may evolve into zero-click with auto installation functionality to make a 0 click attack.
What you can do
If you are using Telegram, please turn off the auto-downloading functionality. You can reference how to turn off the auto-downloading here.
In Conclusion
Do not open any suspicious download zip files. Try to have your virus scan software active during your internet connection. Be sure to turn off your auto-download function on any chat apps.
Follow me here