Fortinet warns of Black Friday scams involving PS5s, Xboxes and fake Amazon gift card generators that steal crypto

LASER_oneXM

Level 37
Thread author
Verified
Top poster
Well-known
Feb 4, 2016
2,520
Researchers with FortiGuard Labs said they found a file titled "Amazon Gift Tool.exe" that was being marketed on a publicly available file repository site as a free Amazon gift card generator.

Fortinet's FortiGuard Labs has discovered a new scam using the lure of an Amazon gift card generator to steal cryptocurrency from people.
Researchers with FortiGuard Labs said they found a file titled "Amazon Gift Tool.exe" that was being marketed on a publicly available file repository site as a free Amazon gift card generator.

When people download the file and open it, a malicious winlogin.exe is dropped and executed.

"The purpose of the malware is simple. If the victim tries to add money to their anon-bitcoin wallet by copying and pasting the wallet address, the malware overwrites the victim's wallet address on the clipboard with its own, resulting in the money potentially going to the attacker," the researchers explained.

According to FortiGuard Labs, the malware watches a user's clipboard to search for text that is 54 characters long -- the length of a cryptocurrency wallet address -- and other criteria that indicate the text is related to cryptocurrency.