Hackers are stealing crypto from one another over Telegram

Crypto-stealing malware distributed over Telegram channels

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers are operating a scam via messaging application Telegram in a bid to swindle fellow cybercriminals, researchers have discovered.

According to security companyAvast, hackers are using theencrypted messaging platformto distribute HackBossmalwareand have so far stolen hundreds of thousands of dollars worth ofcryptocurrencyfrom victims.

The malware is disguised as software for brute-forcingpasswordsfor banking, dating and social media accounts. Once the wannabe hacker runs the program, crypto-stealing malware is intalled on their device.

HackBoss is also said to be relatively persistent, given that it comes with a registry key to run it at startup, as well as a scheduled task that runs the payload every minute.

Pasting the wrong address

The modus operandi for the malware is simple: it scans the clipboard for acryptocurrency walletand replaces it with another one, belonging to the attacker. Should the victim try to send crypto tokens to an address, the funds will be diverted to the attacker.

In theory, the scam is relatively easy to spot, as the address pasted just before sending will differ from the one copied beforehand. Attackers are hoping that most people don’t double-check the addresses after pasting, partly because wallet addresses are just a long string of random letters and numbers.

It seems this hypothesis is correct, too. Since November 2018, more than $560,000 in various cryptocurrencies has been sent to more than 100 addresses associated with the attackers.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ViaBleeping Computer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time