Google Threat Intelligence Sounds Alarm on Latest Crypto Malware Threat


Google Threat Intelligence has identified a new form of crypto-stealing malware called “Ghostblade” that affects Apple iOS devices and is part of the “DarkSword” suite of browser-based malware tools designed to steal private keys and other sensitive information.

Ghostblade is written in JavaScript and designed for rapid data theft. The cryptocurrency-stealing malware activates, retrieves sensitive data from the compromised device and relays it to malicious servers, according to Google Threat Intelligence.

The Ghostblade malware does not run 24/7 on the compromised device, does not require additional plug-ins to work, and stops working after data extraction, making it harder to detect, threat researchers said.

A timeline of the evolution of malware threats targeting Apple iOS devices and the cybersecurity patches released to address these threats. Source: Google Threat Intelligence

The malware also includes code that deletes error reports from the compromised device, preventing Apple from receiving them and reporting the malware.

Ghostblade can access and relay messaging data from Apple's iMessage text messaging app, Telegram, and WhatsApp.

The malware can also steal SIM card information, identity, media and geolocation data, and access system settings, according to Google’s cybersecurity report.

A list of sensitive data that can be stolen by Ghostblade malware. Source: Google Threat Intelligence

DarkSword and its components are among the latest cybersecurity threats identified by Google threat researchers, shedding light on the scalable methods used by malicious actors to steal cryptocurrencies and other valuable data from unsuspecting users.


Hacks fall in February as bad actors turn to exploiting human error

Losses due to crypto hacks fell to $49 million in February, a sharp drop from January’s $385 million, according to blockchain intelligence platform Nominis.

This decline reflects the shift from code-based cyber threats to crypto-phishing attempts, wallet poisoning attacks and other threat vectors that take advantage of human error, Nominis said in its report.

Private users were most affected by hacking, phishing and other cryptocurrency theft attempts in February. Source: Nominis

Phishing attempts typically use fake websites designed to appear legitimate. These fake websites often use URLs that are almost identical to the legitimate sites they are masquerading as to trick users into visiting them.

These sites embed malware that can steal cryptographic private keys and other valuable data when a user accesses the site or clicks on one of its elements.
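
The near-identical URLs described above can be flagged on the defender's side before a link is opened. The following Python check is an added example, not code from the Google Threat Intelligence or Nominis reports; the allowlist, sample URLs and function names are constructed, and it treats the last two hostname labels as the registrable domain instead of consulting the Public Suffix List.

```python
from urllib.parse import urlsplit

# Constructed allowlist: sites the user really intends to use (assumption).
TRUSTED = ("example-wallet.com", "example-exchange.io")

def edit_distance(a, b):
    """Levenshtein distance, computed with a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def classify(url, max_distance=2):
    """Return (verdict, reason) for the hostname in url."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "suspicious", "no hostname"
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return "trusted", good
    # Non-ASCII or punycode labels can render like a Latin-letter name.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "suspicious", "internationalised label"
    # Loose stand-in for the registrable domain: the last two labels.
    tail = ".".join(host.split(".")[-2:])
    for good in TRUSTED:
        # Trusted name placed in front of an unrelated domain.
        if good + "." in host:
            return "suspicious", "trusted name embedded in hostname"
        # One or two typos away from a trusted name.
        if edit_distance(tail, good) <= max_distance:
            return "suspicious", "near match for " + good
    return "unknown", host

# Constructed sample URLs, not taken from any report.
SAMPLES = [
    "https://app.example-wallet.com/login",
    "https://examp1e-wallet.com/",                  # digit 1 in place of l
    "https://example-wallet.com.login-check.net/",  # trusted name as prefix
    "https://ex\u0430mple-wallet.com/",             # Cyrillic a (U+0430)
    "https://docs.python.org/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(classify(u), u)
```

An "unknown" verdict means only that the hostname does not resemble an allowlisted one; it says nothing about whether the site is safe.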
