New email-delivered malware program steals Bitcoins
The malware equivalent of the pickpocket has arrived. Security researchers at LogRhythm Labs recently discovered a new malicious software program that has been designed to rob its victims of Bitcoins, a type of unregulated digital currency.
According to analysts, the malware is delivered to end users through an email phishing campaign. A message masquerading as a request for a digital wallet backup is sent to victims' inboxes. The email contains a link that, when clicked, starts the download of a file titled Backup.zip. This is the program that initiates the Bitcoin theft.
Although a considerable number of people (1,674, LogRhythm researchers noted) have clicked the malicious link, the hackers appear to have been relatively judicious about whom they sent this blended threat to.
"This appears to be a mass-targeted phishing message ... It is obvious that they have targeted people whom they know use Bitcoin by way of scraping popular BTC sites and leaks for email addresses," the researchers wrote.
Malware programs that attempt to steal or otherwise illicitly procure Bitcoins are not entirely new. Ransomware programs also leverage the digital currency, encrypting victims' data and demanding payment in Bitcoins in exchange for the return of the files. Often, the financial impact of such a security breach is considerable. The Bitcoins that a Swansea, Mass., police department needed to regain access to its ransomed data cost $750. But the program discovered by LogRhythm achieves its ends by somewhat more surreptitious means.
"It appears that this malware lays resident until the victim opens their Bitcoin wallet using the BitcoinQT software," the analysts noted.
News of this threat should serve as a reminder to enterprise IT departments that email security has a direct, financial value for the company. Even in cases where money isn't stolen or lost, recovering from a cybersecurity incident invariably requires expenditures in time, effort and funds.