In a recent report, cybersecurity firm Trend Micro has uncovered a new strain of malware targeting crypto wallets and messaging apps on Windows. The newly identified malware, known as Phemedrone Stealer, exploits a previously unknown security flaw in Microsoft Windows, which has since been patched.
Phemedrone Stealer primarily targets web browsers to extract data from crypto wallets, along with information from messaging apps such as Telegram, Steam, and Discord. Additionally, the malware is designed to capture screenshots and collect system information, including details about hardware, location, and operating systems. The stolen data is transmitted to the attackers through Telegram or a command-and-control (C&C) server.
Despite the security patch, Trend Micro warns that an increasing number of malware campaigns, including those distributing the Phemedrone Stealer payload, have incorporated this security gap into their attack chains. The scale of stolen crypto or private data due to Phemedrone Stealer remains unclear at this time.
The report also highlights the growing trend of cyber attacks targeting crypto assets. According to De.Fi’s REKT database, there were at least 455 incidents in 2023, with the largest hack amounting to $231 million, attributed to Multichain. However, it’s worth noting that the efforts of cybersecurity experts and white hat hackers led to the recovery of approximately $200 million from the overall sum, providing a glimmer of hope amidst the alarming $2 billion in total losses.
The discovery of this new malware underscores the ongoing importance of robust cybersecurity measures, especially in the crypto space where the potential for significant financial losses due to malicious activities remains a prevalent concern.
With this new strain of malware posing a threat to crypto wallet security, it’s crucial for users to stay vigilant, keep their systems updated with the latest security patches, and utilize additional security measures such as multi-factor authentication to protect their digital assets from potential breaches and theft.