New Russian malware, dubbed ‘Infamous Chisel,’ identified targeting Binance, Coinbase, and Trust wallets

Discover the latest threat in the cybersecurity landscape with the emergence of the Russian malware, known as ‘Infamous Chisel.’ This malicious software has been specifically designed to target popular cryptocurrency platforms such as Binance, Coinbase, and Trust wallets. Stay alert and informed about this dangerous malware, ensuring the safety of your valuable digital assets.

Infamous Chisel: New Russian Malware Targets Crypto Wallets and Android Apps

The U.K.’s National Cyber Security Centre (NCSC) recently released a report on September 1, revealing the discovery of a new malware named “Infamous Chisel.” This malicious software specifically targets cryptocurrency wallets and various Android applications.

The Functionality of Infamous Chisel

Infamous Chisel operates by scanning different directories on infected mobile devices and extracting data from them. The malware has been identified to extract data from popular cryptocurrency wallets such as Binance App, Coinbase Wallet, and Trust Wallet. Additionally, it can also target browsers like Brave and Opera, which possess cryptocurrency features.

Although Infamous Chisel is primarily designed to extract data related to cryptocurrency, it can also target other applications. Vulnerable applications include PayPal, Dropbox, Firefox, Telegram, Skype, WhatsApp, Discord, Viber, and Google Chrome. A total of 35 application directories, including specific Android system directories, are scanned for vulnerable data.

It is important to note that the NCSC’s report does not explicitly mention whether the stolen information can enable attackers to steal cryptocurrency or if any cryptocurrency has been stolen as a result of Infamous Chisel. It is possible that the stolen information does not grant full access to crypto accounts.

The Culprit: Russia’s Sandworm

According to the recent report, Infamous Chisel is associated with Sandworm, a state-sponsored hacker group affiliated with Russia’s military intelligence service known as GRU. Sandworm is recognized by various aliases, including Telebots, Voodoo Bear, and Iron Viking. The group gained notoriety after launching a highly publicized ransomware attack against Ukraine in November 2022 and has been involved in previous cyber attacks as well.

Currently, Sandworm is utilizing Infamous Chisel to extract information pertaining to the Ukrainian military. The report, however, does not specify any profit motives behind these actions.

International cybersecurity groups in countries such as the U.S., the U.K., New Zealand, Canada, and Australia have acknowledged the threat posed by Infamous Chisel and are actively monitoring its activities.

Conclusion: The Growing Threat of Infamous Chisel

Infamous Chisel, a newly discovered Russian malware, poses a significant risk to cryptocurrency wallets and Android applications. Its ability to extract data from popular crypto wallets like Binance App, Coinbase Wallet, and Trust Wallet underscores the importance of adopting robust security measures in the cryptocurrency ecosystem. While the full extent of the malware’s consequences is still uncertain, it is crucial for individuals and organizations to remain vigilant and prioritize cybersecurity to protect sensitive data and prevent potential attacks.

NCSC report

Leave a Comment

Google News