SECURITY ALERT Hackers Use Software Cracks and BitTorrent Client to Steal Cryptocurrency

upnorth

Researchers from cybersecurity company Bitdefender are warning that hackers are using malicious software cracks to steal valuable data including cryptocurrency wallets. While compromised cracks are not new, this malware reportedly uses BitTorrent clients to transfer data and involves human operators.

It’s no secret that scammers are constantly trying to trick people into downloading malicious content from pirate sites. These files are generally easy to spot for seasoned pirates and they are often swiftly removed from well-moderated sites. However, for casual downloaders, malware can be a serious problem. Novices are often directed to dubious portals where these threats are harder to avoid. That can lead to disastrous consequences. This isn’t limited to annoying popups either; it can result in financial trouble as well.
Bitdefender reports that hackers are actively using software cracks to empty people’s cryptocurrency wallets. The company discovered a series of malicious KMS activators for Office and Windows, as well as Adobe Photoshop cracks. These can completely compromise the victim’s computer. If these malicious cracks are executed, they drop a copy of the legitimate data transfer software “ncat.exe” that can be controlled by the hackers. This tool is used to transfer valuable data from the victim’s computer through a TOR proxy. Interestingly, Bitdefender reports that the attackers also use BitTorrent clients to exfiltrate data. Bitdefender’s director of threat research, Bogdan Botezatu, informs us that they discovered instances of the Transmission client that shared stolen data via torrents.
These types of malware-ridden cracks mostly affect people who download files from sites that have little or no moderation. This is confirmed by Bitdefender as well. “These cracks are usually hosted on direct-download websites rather than on torrent portals, as the latter have a community that downvotes and flags malicious uploads,” Botezatu says. At the moment the malware-loaded cracks are most popular in North America and India. More technical details about the files and processes involved can be found in Bitdefender’s full writeup.
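For defenders, the behaviour described above (a dropped `ncat.exe` relaying data through a proxy, plus unexpected Transmission instances) can be hunted in process-creation telemetry. The sketch below is an added example, not code from Bitdefender or the quoted article; the event field names, the trusted install directories, the loopback proxy check and the sample events are all assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumption: directories where an admin-installed copy would normally live.
TRUSTED_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\")
# ncat's real --proxy option; "\s+" keeps --proxy-type from matching.
PROXY_RE = re.compile(r"--proxy\s+(\S+)", re.IGNORECASE)
LOOPBACK = ("127.0.0.1", "localhost", "[::1]")

def triage(event):
    """Return the reasons a process-creation event deserves review."""
    image = event["image"].lower()
    name = PureWindowsPath(image).name
    cmd = event.get("command_line", "")
    is_ncat = name == "ncat.exe"
    is_transmission = name.startswith("transmission")  # heuristic name match
    reasons = []
    if not (is_ncat or is_transmission):
        return reasons
    if not image.startswith(TRUSTED_DIRS):
        reasons.append(f"{name} running from non-standard path")
    if is_ncat:
        m = PROXY_RE.search(cmd)
        # A loopback proxy suggests a locally running Tor (or similar) relay.
        if m and m.group(1).lower().startswith(LOOPBACK):
            reasons.append(f"ncat relaying through local proxy {m.group(1)}")
    return reasons

# Constructed sample events (not taken from the Bitdefender report).
SAMPLE_EVENTS = [
    {"image": r"C:\Users\alice\AppData\Local\Temp\ncat.exe",
     "command_line": "ncat.exe --proxy 127.0.0.1:9050 --proxy-type socks5 "
                     "host.example 443"},
    {"image": r"C:\Program Files\Nmap\ncat.exe",
     "command_line": "ncat.exe -l 8080"},
    {"image": r"C:\Users\alice\AppData\Roaming\svc\transmission-daemon.exe",
     "command_line": "transmission-daemon.exe -f"},
    {"image": r"C:\Windows\System32\notepad.exe",
     "command_line": "notepad.exe"},
]

def hunt(events):
    """Return (image, reasons) for every event that triggered a rule."""
    return [(e["image"], r) for e in events if (r := triage(e))]

if __name__ == "__main__":
    for image, reasons in hunt(SAMPLE_EVENTS):
        print(image, "->", "; ".join(reasons))
```

File names are trivially changed by an attacker, so a hit here is a triage lead; matching on file hash or signer from the vendor's writeup is more reliable where available.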