|
Title: [2018-07-21] The Jigsaw Ransomware Has Been Revived to Steal Bitcoin from Unsusp Post by: ivanpoldark on July 21, 2018, 06:40:48 AM The Jigsaw malware is back and it is ready to steal Bitcoin from consumers once again.
Jigsaw is Back to Scare Bitcoin Users ZDNet recently reported that the “Jigsaw” ransomware has recently been revised by hackers to steal Bitcoin from unsuspecting users through a “simple-but-effective trick.” According to the technology news source, Jigsaw first appeared in the cryptocurrency scene in April 2016 as a form of ransomware, holding the files and information of users hostage until a ransom of Bitcoin was paid. The reason why it is named Jigsaw is due to the fact that the piece of code displayed the likeness of the Saw horror film villain. However, with this most recent revision, the ransomware has been re-purposed to steal Bitcoin in a fairly innovative and non-intrusive manner, modifying the addresses inputted by a user. Once the piece of malware alters an address, the Bitcoin payment will then be redirected to the hacker’s wallet, resulting in lost crypto for the victim. Jigsaw, or “BitcoinStealer,” as it is known by references in the code of the program, accomplishes this by altering Bitcoin addresses in someone’s clipboard, or the area where copied pieces of text lie. However, the ingenuity of the program does not stop there, as BitcoinStealer is able to the intended address of the payment to one that looks very similar, using a program such as VanityGen to trick the user into thinking the hacker’s address and the original address are one and the same. https://preview.ibb.co/d4BuUJ/address_spoofing.png This ingenuity has proven to be rather successful, with researchers from Fortinet, who first broke the news about Jigsaw, saying that cyber attacks utilizing this method have garnered over 8.4 Bitcoin, or approximately $61,000 at current market prices. Fortinet also discovered that there were many similar projects for “modifying cryptocurrency addresses” being advertised on dark web forum sites, presumably by hackers enlisting the same method of attack. Read more: https://www.newsbtc.com/2018/07/20/the-jigsaw-ransomware-has-been-revived-to-steal-bitcoin-from-unsuspecting-users/ |
