On Nov. 26, the major antivirus software supplier Eset reported that the Stantinko botnet operators have expanded their criminal reach from click fraud, ad injection, social network fraud and password-stealing attacks to installing crypto malware on victims’ devices using YouTube.
Slovakian software security firm Eset has uncovered that cyber criminals behind the Stantinko botnet have been distributing a Monero (XMR) cryptocurrency mining module via YouTube.
Stantinko botnet has been active since at least 2012
The Stantinko botnet, which has been active since at least 2012 and predominantly targets users in Russia, Ukraine, Belarus and Kazakhstan, reportedly uses YouTube channels to distribute its cryptojacking module, which mines the privacy-focused crypto coin Monero on the CPUs of unsuspecting victims.
This cryptocurrency-stealing malware has reportedly infected around 500,000 devices, and is similar to Dexphot, a recently discovered piece of malware identified by Microsoft that has already infected more than 80,000 computers.
These cryptojacking programs steal processing resources, take over legitimate system processes and disguise the nefarious activity, with the ultimate goal of running a crypto miner on the infected devices.
Eset informed YouTube, which reportedly responded by removing all the channels that contained traces of Stantinko’s code.
Malware on Monero’s official website was stealing crypto
In November, Monero’s core development team said that the software available for download on Monero’s official website might have been compromised to steal cryptocurrency. A professional investigator going by the name of Serhack confirmed that the software distributed after the server was compromised was indeed malicious:
“I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained the wallet. I downloaded the build yesterday around 6pm Pacific time.”
Telx Technologies Launches First Crypto-Facilitating SIM Card
Cryptocurrency and telecommunications company Telx Technologies announced the launch of the first crypto SIM card wallet that enables transactions via SMS.
According to the company’s Medium post published on Aug. 22, the card allows its users to send cryptocurrencies via SMS with their dedicated crypto phone number. Notably, these transactions do not require a smartphone or an active Internet connection. On the other hand, the system gives users no control over their crypto wallet.
Crypto transactions on “dumbphones”
As the crypto community tried to teach those new to the space during the “Proof of Keys” event in January, there are significant disadvantages in not having direct control over a wallet. More precisely, placing one’s assets in a wallet managed by a third party forgoes the trustless, decentralized and disintermediated nature of the technology involved, according to many crypto enthusiasts.
That being said, having your private keys managed by a third party often enables a higher degree of user-friendliness. Telx also mentioned this in its announcement:
“At Telx our goal is to make transacting digital currency as easy and accessible as possible. This means creating solutions that technical and non technical people alike can adopt. We believe there is tremendous synergy between payments and messaging.”
Everything new is well-forgotten old
Per the Medium post, the crypto SIM card is available in over 180 countries, allows unlimited SMS messaging and supports Bitcoin (BTC), Litecoin (LTC), DASH, Zcash (ZEC) and Bitcoin Cash (BCH). To execute a crypto transaction via this service, a user can send an SMS to any phone number.
Lastly, the company promises to prevent SIM swapping and phone number porting, to accept transactions originating only from the proper SIM card, to protect the wallet with a dedicated PIN number and to provide backup keys in case of theft or loss.
As Cointelegraph reported in May, Sean Coonce, engineering manager at cryptocurrency custodian BitGo, announced that he became a victim of a SIM swapping hack.