An advisory report issued by government agencies in the United States and the United Kingdom warns users to beware of new malware being used to target crypto wallets and exchanges.
The U.S. National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the U.K.’s National Cyber Security Centre (NCSC), which is a part of the Government Communications Headquarters (GCHQ) collaborated to release a joint report about the malware dubbed the “Infamous Chisel.”
According to the report, the malware has been tied to the activities of Sandworm, a cyberwarfare unit working under the GRU, Russia’s military intelligence agency. The joint report also noted that Sandworm has been targeting the Android devices of the Ukrainian military, using the new malware to extract information from compromised mobile devices.
The report noted that some of the data extracted by the malware included data within the directories of the Binance and Coinbase exchange applications and the Trust Wallet application. According to the report, every file in the directories listed is being exfiltrated regardless of type.
Directories where information were extracted by the malware. Source: National Cyber Security Centre
The joint report also noted that the Infamous Chisel’s components were developed with only little regard for the “concealment of malicious activity.“ The malware lacks stealth techniques to disguise its activities. However, this may be because of the lack of host-based detection systems for Android devices, according to the report.
Meanwhile, almost $1 billion has been lost to exploits, hacks and scams in 2023. On Sept. 1, blockchain security firm CertiK reported that around $997 million had been lost year-to-date. In August alone, around $45 million were lost to such attacks. Despite the amount, the losses were significantly lower than the previous month. In July, more than $486 million worth of digital assets were lost to malicious attacks.