Russian users of the Binance cryptocurrency exchange faced the spread of a password-stealing virus shortly after the financial platform imposed new restrictions against Russians. Yaroslav Kargalev, head of the FACCT Cyber Security Center (former Russian division of Group-IB – Ed.), told socialbites.ca about this.
The fake posts were recorded on the evening of August 27, the day after Binance banned Russian currency trading. The phishing emails offer a download of a special program for circumventing the new restriction; the program is actually a virus.
“To download the application, the user is asked to follow the unique link to a file hosting service that contains a zip archive containing malware with a theft function,” Kargalev said.
A stealer is a type of malware whose main task is to capture usernames and passwords from various services and pass them on to attackers. In particular, stealers often take authorization data from crypto wallets.
“Thieves are a huge threat today, and incidents involving them can have critical consequences for companies. The reality is that a hacked account not only leaks corporate data, it can also be the first vector of a more sophisticated hacker attack,” said Kargalev.
To avoid such incidents, the expert recommends following the basic rules of digital hygiene when working with e-mail, instant messengers and other messaging tools. Do not click on links, especially in messages from unknown senders. You should also compare the email address with the official address of the company’s support service if the sender appears to be a well-known brand.
Earlier, socialbites.ca wrote that the number of DDoS attacks has increased in the UAE due to the migration of Russian businesses.