CoinTelegraph 2025-05-07 18:43:36

COLDRIVER using new malware to steal from Western targets — Google

Threat group COLDRIVER is using new malware to steal documents from Western targets, according to a May 7 report from Google Threat Intelligence. The malware, called LOSTKEYS, shows the evolution of the group from credential phishing to more sophisticated attacks. According to the Google report, the new malware is installed through four steps. The process involves a “lure website” with a fake CAPTCHA, a PowerShell script downloaded to the user’s clipboard, some device evasion, and retrieval of the final payload. Lastly, the malware is installed. LOSTKEYS payload delivery. Source: Google LOSTKEYS is capable of stealing files from extensions and directories. It can also send system information and running processes back to COLDRIVER. The address from which the parts of the attack come is “165.227.148[.]68” according to Google. The company says it has already taken steps to mitigate any damage the LOSTKEYS malware will cause, including adding the malicious websites to the company’s “Safe Browsing” feature. According to Google, COLDRIVER is a Russian-backed threat group that typically engages in phishing attempts at high-profile Western targets, such as former diplomats, and journalists. In January 2024, it started an attack with a malware called “Spica,” which can execute arbitrary shell commands and download or upload software. Related: Crypto drainers now sold as easy-to-use malware at IT industry fairs Crypto hack losses hit all-time high in 2025 Crypto hacks have surged in 2025, with total losses reaching $2 billion in the first quarter alone — exceeding all losses recorded in 2024 . According to a report by crypto cybersecurity firm Hacken, operational flaws and weak access controls remain key vulnerabilities — even among major centralized and decentralized players. Attackers are also increasingly using social engineering tactics to gain victims’ trust. Contributing to last quarter's losses was the $1.5 billion hack of cryptocurrency exchange Bybit . The February attack was reportedly orchestrated by the Lazarus Group . Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis

Meist gelesene Nachrichten

Top Russian Lawmaker: India-Pakistan Tensions...
2025-05-08
Breaking: Celsius Founder Alex Mashinsky Hit...
2025-05-08
Celsius Founder Alex Mashinsky Receives 12-Ye...
2025-05-08
From XRP Whales to ADA Bulls — All Eyes Are N...
2025-05-08
Qubetics, VeChain, Tezos Stand Out as Best Cr...
2025-05-08
Tom Brady, Larry David Among Celebs Cleared i...
2025-05-08
Michael Saylor Predicts Bitcoin Market Cap $2...
2025-05-08
EU to Track Crypto Transfers Under New AML Ru...
2025-05-08

Ähnliche Neuigkeiten

Bitcoin Rallies Past $100,000 After Highly Bullish...
08 May 2025
Still Priced Below $0.07, MAGACOIN FINANCE Is Draw...
08 May 2025
Coinbase Q1 2025 Earnings Miss Expectations While...
08 May 2025
New Mistral AI Version Drops: A Worthy ChatGPT and...
08 May 2025
SEC Officially Files Settlement Agreement With Rip...
08 May 2025
Trump Trade News Ignites Bitcoin Mania—$100K Comin...
08 May 2025

Lesen Sie den Haftungsausschluss : Alle hierin bereitgestellten Inhalte unserer Website, Hyperlinks, zugehörige Anwendungen, Foren, Blogs, Social-Media-Konten und andere Plattformen („Website“) dienen ausschließlich Ihrer allgemeinen Information und werden aus Quellen Dritter bezogen. Wir geben keinerlei Garantien in Bezug auf unseren Inhalt, einschließlich, aber nicht beschränkt auf Genauigkeit und Aktualität. Kein Teil der Inhalte, die wir zur Verfügung stellen, stellt Finanzberatung, Rechtsberatung oder eine andere Form der Beratung dar, die für Ihr spezifisches Vertrauen zu irgendeinem Zweck bestimmt ist. Die Verwendung oder das Vertrauen in unsere Inhalte erfolgt ausschließlich auf eigenes Risiko und Ermessen. Sie sollten Ihre eigenen Untersuchungen durchführen, unsere Inhalte prüfen, analysieren und überprüfen, bevor Sie sich darauf verlassen. Der Handel ist eine sehr riskante Aktivität, die zu erheblichen Verlusten führen kann. Konsultieren Sie daher Ihren Finanzberater, bevor Sie eine Entscheidung treffen. Kein Inhalt unserer Website ist als Aufforderung oder Angebot zu verstehen