December 10, 2013
ESET HQ malware research lab is reporting new campaigns of the very effective banking trojan Hesperbot. As previously uncovered by ESET, Hesperbot uses very credible-looking spreading campaigns related to trustworthy organisations to lure victims into running the malware.
The malware itself has evolved as well – ESET has researched new versions of Hesperbot that can steal bitcoins. Namely, it includes a module that attempts to access Bitcoin wallets that store private keys. “With the current high value of Bitcoin, the decision to add this module is quite understandable,” says Robert Lipovsky, who heads ESET research into Hesperbot. Earlier this year, ESET detected new variants of malware that attempted to steal Bitcoins, mine Bitcoins illegally, or break into wallets. Recently two sites hosting online wallets for the cryptocurrency Bitcoin were targeted by hackers – the ‘heists’ netted more than $1 million each. Oddly, though, this has not adversely affected the value of the cryptocurrency, which seems to thrive on publicity, whether positive or negative.
This sophisticated banking malware spreads via phishing-like emails and also attempts to infect mobile devices running Android, Symbian and Blackberry. Detected as Win32/Spy.Hesperbot, this threat features keylogger capabilities, can create screenshots and video capture, and can set up a remote proxy. The attackers aim to obtain login credentials that give them access to the victim’s bank account, and to get the victim to install a mobile component of the malware on their Symbian, Blackberry or Android phone. “The Hesperbot operators are very active, causing real financial losses for bank’s customers and it seems we still haven’t heard the last of this malware,” concludes Lipovsky.
How to protect yourself?
If your wallet’s stolen, act fast
If your Bitcoin wallet HAS been stolen, it’s not quite as easy for the attacker as stealing a real wallet – he or she has to move the currency out of it. If you’re lucky, and fast, this can sometimes save your coins. When the Bitcoin wallet is stolen from the victim, the attacker will have to “spend” the Bitcoins in it – by either adding them to his own wallet, purchasing something, etc.
Keep your PC clean if you’re dabbling in Bitcoin
Cybercriminals love Bitcoin. Bitcoin and other crypto-currencies are being targeted by cybercriminals. There are numerous malware families today that either perform Bitcoin mining or directly steal the contents of victims’ Bitcoin wallets, or both. Keep your computer clean and uncompromised by “thinking before you click” and keeping your system, applications and anti-virus up-to-date.
Encrypt your wallet
Despite Bitcoin’s own beautiful illustrations of glittery coins, what you’re dealing with are numbers – long encryption keys. To stay safe, you just have to ensure no one else ever has access to these. There are several important rules to keep Bitcoins safe. The key words here are: back up and encrypt. Bitcoin provides a way to encrypt wallets, and this would make it much more difficult for the attacker to get his hands on the Bitcoins.
Don’t keep all your eggs in one basket – or your Bitcoin in one wallet
If you’re worried a site breach or Trojan attack may have put your hoard within reach, don’t just change passwords, even if your wallet is encrypted. Make a new wallet, and move your coins to it (with a new, strong password).
If you must store Bitcoins online, don’t store large amounts
Online Bitcoin wallets are not designed to work like bank accounts – they’re convenient, as you can access them from anywhere – but they’re a prime target for cybercriminals. After Bitcoin site Inputs.io was hacked, and $1.2 million stolen, its founder said, “I don’t recommend storing any bitcoins accessible on computers connected to the internet.”
Mobiles and Bitcoins don’t mix
Various Android apps offer ways to carry Bitcoins with you – but again, these come with their own risks. Earlier this year, a flaw in Android rendered ALL Bitcoin wallets unsafe – although it was rapidly patched – and apps which allow transfer via NFC add additional risks, particularly if a device is lost.
Still worried? Store them on paper
One safe – if extreme – way of ensuring Bitcoins don’t fall into the hands of hackers is to store them on paper. Bitcoin says, “When generated securely and stored on paper, or other offline storage media, a paper wallet decreases the chances of your bitcoins being stolen by hackers, or computer viruses. With each entry on a paper wallet, you are securing a sequence of secret numbers that is used to prove your right to spend the bitcoins.” Be sure, though, your PC is clean before you print – the free software used to generate codes has been targeted by cybercriminals. Run a complete scan of your machine first, then keep AV software running as you print out.