An advisory report issued by various government agencies in the United States and the United Kingdom is warning users to beware of a new malware that is being used to target crypto wallets and exchanges.
Various intelligence organizations including the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the National Cyber Security Centre (NCSC), which is a part of the United Kingdom’s Government Communications Headquarters (GCHQ) collaborated to release a joint report about the malware dubbed the “Infamous Chisel.”
According to the report, the malware has been tied to the activities of Sandworm, a cyberwarfare unit working under the GRU, Russia’s military intelligence agency. The joint report also noted that Sandworm has been targeting the Android devices of the Ukrainian military, using the new malware to extract information from compromised mobile devices.
The report noted that some of the data that was extracted by the malware included data within the directories of the Binance and Coinbase exchange applications and the Trust Wallet application. According to the report, every file in the directories they listed are being exfiltrated regardless of their type.
The joint report also noted that the Infamous Chisel’s components were developed with only little regard for the “concealment of malicious activity.” The malware lacks stealth techniques to disguise its activities. However, this may be because of the lack of host-based detection systems for Android devices, according to the report.
Meanwhile, almost $1 billion has been lost to exploits, hacks and scams in 2023. On Sept. 1, blockchain security firm CertiK reported that around $997 million has been lost year-to-date (YTD) in the current year. In August alone, around $45 million were lost to such attacks. Despite the amount, the losses were significantly lower than the previous month. In July, more than $486 million worth of digital assets were lost to malicious attacks.