According to researchers at Trustwave SpiderLabs, a type of malware called Rilide is believed to be helping cybercriminals steal funds from cryptocurrency exchanges. While the steps being taken to tackle this malware will likely make life more difficult for cybercriminals, two researchers, Pawel Knapczyk and Wojciech Cieslak, say that this alone “may not be enough to solve the problem completely.”
Malicious Browser Extensions
Researchers at Trustwave SpiderLabs recently announced that they have discovered a new strain of malware that secretly withdraws funds from crypto wallets. According to the researchers, the malware, called Rilide, is believed to be disguised as a legitimate Google Drive extension. Rilide gives cybercriminals the ability to monitor the browsing history of their target victims, and it allows them to inject malicious scripts that steal funds from cryptocurrency exchanges.
A blog post by the two researchers, Pawel Knapczyk and Wojciech Cieslak, published on April 4, admits that Rilide is not the first malware to use a malicious browser extension. However, it states that the researchers have seen how the malware tricks users before withdrawing funds from their respective crypto wallets.
“What makes this malware different,” the researchers claim, “is its effective and rarely used ability to trick users into revealing two-factor authentication (2FA) using forged dialogs and withdraw cryptocurrency in the background.”
Pending the implementation of the so-called Manifest v3, which is expected to make life a little more difficult for cybercriminals, Knapczyk and Cieslak argue that this alone “may not be enough to completely solve the problem” because “most of the features utilized by Rilide are still available.”
Meanwhile, in their warning to users, the two researchers reiterated the importance of being “vigilant and paranoid” whenever they receive unsolicited email. They also stated that “even if content on the Internet appears to be safe, never assume that it is.” Likewise, users should always strive to be informed and educated about the latest happenings in the cybersecurity industry.
Image credit: Shutterstock, Pixabay, Wiki Commons.