Security researchers observed the Razy Trojan installing malicious extensions across multiple web browsers to steal cryptocurrency.
In 2018, SCS detected that the Trojan was being distributed via advertising blocks on websites and free file hosting services, disguised as a legitimate package. The malware uses entirely different infection processes for Google Chrome, Mozilla Firefox and Yandex Browser, disabling automatic updates and integrity checks for installed extensions.
Razy then uses its main.js script to steal cryptocurrency by searching websites for the addresses of digital wallets. If it finds what it's looking for, the Trojan replaces the wallet addresses with those controlled by the malware's operators.
Razy may also spoof images of QR codes that point to cryptocurrency wallets, modify digital currency exchanges' webpages by displaying messages that lure users with the promise of new features, and alter Google or Yandex search results to trick victims into visiting infected websites.
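A site that displays deposit addresses can check for this kind of in-page substitution by comparing the addresses it served with the ones the browser finally shows. The sketch below is an added example, not code from the original article or from Razy; the patterns, function names and sample addresses are constructed assumptions, and pairing by position assumes both texts list addresses in the same order.

```javascript
// Added example: constructed patterns and sample data, not Razy's code.
// Address shapes recognised here (assumed coverage: BTC legacy/bech32, ETH).
const PATTERNS = {
  btc: /\b(?:bc1[02-9ac-hj-np-z]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})\b/g,
  eth: /\b0x[0-9a-fA-F]{40}\b/g,
};

// Return every address-shaped token in `text`, in page order, tagged by kind.
function extractAddresses(text) {
  const found = [];
  for (const [kind, re] of Object.entries(PATTERNS)) {
    for (const m of text.matchAll(re)) {
      found.push({ kind, value: m[0], index: m.index });
    }
  }
  return found.sort((a, b) => a.index - b.index);
}

// Compare the addresses the server sent with what the page now shows.
// Any shown address the server never sent is reported, paired by position
// with the address that was expected in that slot (null if none lines up).
function findAddressSwaps(servedText, renderedText) {
  const served = extractAddresses(servedText);
  const rendered = extractAddresses(renderedText);
  const servedSet = new Set(served.map((a) => a.value));
  const findings = [];
  rendered.forEach((r, i) => {
    if (servedSet.has(r.value)) return; // address is one the site issued
    const s = served[i];
    const expected = s && s.kind === r.kind ? s.value : null;
    findings.push({ kind: r.kind, expected, shown: r.value });
  });
  return findings;
}

// Constructed sample: address-shaped strings, not real wallets.
const SITE_BTC = "1SiteDepositAddr" + "X".repeat(18);
const SWAP_BTC = "1SwappedByExtension" + "Z".repeat(14);
const SITE_ETH = "0x" + "a".repeat(40);
const SERVED = `Send BTC to ${SITE_BTC} or ETH to ${SITE_ETH}`;
const RENDERED = `Send BTC to ${SWAP_BTC} or ETH to ${SITE_ETH}`;

function demo() {
  return findAddressSwaps(SERVED, RENDERED);
}
```

In a browser, `renderedText` would come from `document.body.innerText` and `servedText` from the response the server actually sent for that page.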
Not the First Cryptocurrency Stealer — And Likely Not the Last
The Razy Trojan isn't the first malware known for stealing users' cryptocurrency. In July 2018, we came across a malware sample that changed victims' clipboard content to replace a copied bitcoin address with one belonging to threat actors. Just a few months later, we discovered DarkGate, malware that's capable of crypto-mining and ransomware-like behavior in addition to stealing virtual currency from victims' wallets.
These malware samples played a part in the rise of cryptocurrency theft last year. In just the first six months of 2018, we observed that digital currency theft reached $1.1 billion. One of the incidents that occurred during that time period involved the theft of $530 million.
How to Defend Against Malware Like Razy
Secnic Consultancy Services can help defend against threats like Razy by incorporating artificial intelligence (AI) into organizations' malware defense strategies, including the use of AI in detectors and cyber deception to misdirect and deactivate AI-powered attacks. Experts also recommend using blockchain and other advanced technologies to protect against cryptocurrency threats.