On August 27th, MSI (Microsoft Security Intelligence) tweeted a warning to cryptocurrency traders who use Microsoft Windows. The warning stated that funds in crypto wallets might be at risk from a new piece of malware that has recently appeared in the wild.
‘Anubis,’ the new malware, uses code borrowed from Loki to steal credit card details, crypto wallet credentials, and other sensitive information from Windows users.
Microsoft first discovered the virus in June in the depths of the cybercriminal world. It shares its name with another banking Trojan that has been used to target Android smartphones for the past few months.
MSI reassured users that the malware at least seems to be something that can be controlled. MSI went on to say that Anubis was only deployed in ‘what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers.’
Certain websites convince users to download Anubis. Once downloaded, the malware steals information and sends it to a server via HTTP POST requests.
For now, Microsoft will continue to monitor the threat. This is an email phishing campaign, so the best way to avoid being attacked is to not click on a link in an email that seems fishy. The source of the new malware’s code, Loki, used social engineering to target its victims. It would send attachments via email that, if clicked, would install the malware.