Crypto Enthusiasts Targeted in Multi-Vector Malware Attack Disguised As Python-Based Trading Tool: Report
Malware disguised as a Python-based trading bot has reportedly targeted crypto traders in a multi-vector supply chain attack.
According to a new blog post by cloud-based cybersecurity firm Checkmarx, crypto enthusiasts have been targeted by advanced malware cloaked as a suite of artificial intelligence (AI)-based crypto trading tools that aim to steal sensitive data and drain crypto wallets.
Checkmarx says the malware was distributed through code-sharing platform GitHub and PyPI (Python Package Index), a centralized location for Python packages, and targeted both Windows and Mac operating systems.
According to Checkmarx, the malware used a deceptive graphical user interface to distract victims and a multi-stage infection process that led victims to a fake website.
“The CryptoAITools malware employs a sophisticated multi-stage infection process, leveraging a fake website to deliver its secondary payloads…
A unique aspect of this attack, compared to many malicious packages we have seen in the past, is that the CryptoAITools malware incorporates a graphical user interface (GUI) as a key component of its social engineering strategy.
This GUI appears the moment the second-stage malware is activated and presents itself as an ‘AI Bot Starter’ application. It is designed to distract users and collect sensitive information while the malware operates covertly.”
The attacker also set up a Telegram channel masquerading as the product’s tech support, further tricking users with offers of free trials.
“In the Telegram chat, the attacker employs various tactics to lure potential victims. They offer ‘bot support’ to establish credibility and trust. To entice users, they promote their GitHub repository as hosting their ‘most powerful bot,’ appealing to those seeking advanced trading tools.
The attacker then proposes an attractive offer: a free trial period followed by a monthly subscription model, making the proposition seem both risk-free and professional.”
Checkmarx says the malware had “severe” consequences for its victims, including the potential theft of their identities, browser data, sensitive computer files, and digital assets.