Trojan horse currency theft

Trojan horse currency theft is a type of cyber attack in which a malicious software program, or "Trojan," is disguised as a legitimate program or file and installed on a victim's device. Once installed, the Trojan can gain access to sensitive information, such as login credentials or seed phrases, and steal the user's cryptocurrency assets.

Example of Trojan horse currency theft:

  1. A user downloads a program from an untrusted source, believing it to be legitimate software.

  2. The program is actually a Trojan that is disguised as legitimate software.

  3. The Trojan is installed on the user's device and begins to run in the background.

  4. The Trojan steals the user's login credentials and seed phrase for their cryptocurrency wallet and transfers the funds to an address controlled by the attacker.

  5. The user discovers that their cryptocurrency funds have been stolen and that their device has been infected with a Trojan.

It's important to be cautious when downloading software or files, and to download only from reputable sources rather than unknown ones. Additionally, keeping your device and software up to date with the latest security patches can help prevent Trojan infections.

Let’s take a look at the Ronin Bridge hack:

There has been a security breach on the Ronin Network. We discovered that on March 23rd, Sky Mavis’s Ronin validator nodes and Axie DAO validator nodes were compromised resulting in 173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions. The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge. (Read More)

How did this happen?

Sky Mavis employees are under constant advanced spear-phishing attacks on various social channels and one employee was compromised. The said employee clicked on a file that gave the attacker access to their computer. Once the attacker got access to Sky Mavis systems they were able to get the signature from the Axie DAO validator by using the gas-free RPC. (Read More)

Sources:

Trojan Virus: How Does It Work and How to Protect Yourself

https://www.webroot.com/us/en/resources/tips-articles/what-is-trojan-virus

Understanding Trojan Viruses and How to Get Rid of Them

https://www.mcafee.com/learn/understanding-trojan-viruses-and-how-to-get-rid-of-them/

getoffdeez

Just keep flapping
