Hackers developed a new scheme, disguised as free BTC and ETH generators, aimed at cryptocurrency stealing and implementing ransomware viruses on the victims’ computers.
The Bleeping Computer reports that hackers use some sites to promote their programs for free distribution of Bitcoin and Ethereum. According to sources familiar with the situation, hackers promote the BTC Collector program, promising users free Bitcoin equal to $5-$30 when they start the program.
In fact, the main purpose of malware disguising itself as a free distribution of cryptocurrencies is to install ransom malware viruses on the computers of victims
Reportedly, firstly Frost malware researcher found this scheme. In particular, this scheme is promoted through sites that promise to reward Bitcoin and Ethereum users when they recommend friends to visit the platform. The fraudsters claim that if 1,000 people are referred by the referral link of the participant in the scheme, he will receive 3 ETH.
The site also states that users can earn daily BTC in the amount of $15 to $\45 automatically, without doing anything. On the site you can download the BTC Collector program, which after downloading and installing, allegedly generates a free Bitcoin for the victim.
The VirusTotal link is embedded in the Bitcoin Collector (Zip file) to deceive the victim and make him believe that the program is safe and does not contain malicious codes. After the file has been downloaded and launched by the victim, many files are created, including the executable file BotCollector.exe. When you open BotCollector.exe, the program launches Freebitco.in-Bot, a Trojan disguised as a BTC generator.
Analyzing the Trojan, researchers found that as soon as the victim presses the “Start” button, the bot copies the file from geobaze \ patch \ logo.png to logo.exe and launches it.
Researchers noted; “Depending on the running campaign, this leads either to downloading an extortion virus, or to a trojan that steals passwords.”
As Bitcoin and altcoins continue to increase in price, fraudsters also improve their skills. For instance, last week it was reported that two new cryptocurrency phishing applications were found on Google Play.
