New Malware Targets Crypto Wallets Including Binance, Coinbase, And Trust Wallets

Key Points:

• Russian malware, “Infamous Chisel,” poses threats to cryptocurrency wallets and Android apps.
• The malware exposes popular apps like PayPal, Dropbox, and Telegram, putting user data at risk.

In a recent report, the United Kingdom’s National Cyber Security Centre (NCSC) has uncovered a new strain of malware named “Infamous Chisel,” believed to have Russian origins, posing a significant threat to cryptocurrency wallets, exchange applications, and other sensitive data systems.

This advisory report stems from a collaborative effort involving prominent cybersecurity and law enforcement agencies such as the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Cyber Security Centre (NCSC), a division of the UK’s Government Communications Headquarters (GCHQ).

Infamous Chisel operates by scanning various directories on infected Android mobile devices, extracting a wide array of data from at least three cryptocurrency wallets, including the Binance App, Coinbase Wallet, and Trust Wallet.

Moreover, the malware extends its reach to browsers like Brave and Opera, both known for their cryptocurrency features.

However, the malware’s capability to extract data isn’t limited to crypto assets; it also poses a risk to various other applications, including PayPal, Dropbox, Firefox, Telegram, Skype, WhatsApp, Discord, Viber, and Google Chrome.

A total of 35 application directories, including specific Android system directories, are subjected to scrutiny.

The NCSC’s report did not explicitly state whether the stolen information could enable attackers to steal cryptocurrency or if Infamous Chisel has successfully led to any cryptocurrency theft.

It remains uncertain whether the information harvested provides full access to crypto accounts.

The malware has been attributed to a hacking unit linked to Russia‘s GRU military intelligence agency, known as Sandworm, which has previously targeted the Ukrainian military.

Infamous Chisel is designed to ensure persistent access to compromised Android devices through the Tor network while collecting and transmitting victim data periodically.

The comprehensive nature of data theft undertaken by Infamous Chisel underscores the malware’s intention to compromise a wide range of sensitive information, including cryptocurrency-related data and private keys, posing significant risks to affected individuals and organizations.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.