Researchers at Zscaler ThreatLabZ have identified a new remote-access trojan (RAT) called Saefko, which retrieves Chrome browser history in a search for cryptocurrency-related activity
The RAT, written in .NET and available for sale on the dark web , also looks for information relating to other activities involving credit cards , business , social media , gaming , and online shopping .
For context, a RAT is a type of malware that features a backdoor , enabling perpetrators to remotely control a device .
By remotely controlling a device , the intruder is able to surreptitiously monitor user behavior, access confidential information, activate a webcam , take screenshots , and format drives, among other things.
Once the RAT infects the device it stays in the background, activating and executing every time the person logs in.
The list of different cryptocurrency categories Saefko searches for include:
When it comes to protecting yourself against Saefko, the usual advice applies.
Don’t download any programs or open any attachments from an untrusted source. Block unused ports, switch off unused services , and monitor all outgoing traffic .
And remember that attackers are often cautious, preventing the malware from doing too much at once, which would inevitably slow down a device and possibly attract the your attention .
Former BitConnect India chief on the run after promoting another crypto-scam
India‘s authorities have uncovered more cryptocurrency scams connected to the alleged head of BitConnect Asia, Divyesh Darji, Times of India reports .
Police claim Darji had also been marketing another dubious cryptocurrency-related investment, “Regal Coin,” by offering short-term returns of 5,000 percent on any investments made.
He’s also alleged to have promised Regal Coin would make investors more money than holding Bitcoin, but they would need to stay invested for at least 99 days. Darji’s name also appeared during investigations into another potentially fraudulent digital asset known as “Dekado coin.”
Regal Coin and BitConnect shared some similarities. A police spokesperson maintains Darji told investors he had access to a robotic trading algorithm that could generate profit (red flag).
He had also pledged referral bonuses would be paid every 11 days to those who would recruit more people to download the app.
The price of Regal Coin peaked in late 2017, when it hit close to $90. Times of India‘s report states the firm behind the project later folded after collecting nearly Rs 45 lakh ($65,000), but police say the scam could have defrauded investors for significantly more.
Darji is reportedly on the run, after being released on bail a month ago. You can read more about his part in the grande BitConnect scam here .
FBI contacts users of crypto exchange QuadrigaCX as investigation ramps up
The FBI has made contact with victims of the QuadrigaCX cryptocurrency exchange saga , a sign that its ongoing investigation is taking shape, CoinDesk reports.
Correspondence published by the outlet reveal that an FBI victim specialist has emailed former QuadrigaCX users, directing them to an online portal they can use to obtain more information.
“As a Victim Specialist with the FBI – Albany, I’m contacting you because we have identified you as a possible victim of a crime,” Valerie Gauthier wrote one QuadrigaCX user, before confirming that the FBI is on the case.
“The enclosed brochure introduces you to the FBI‘s Victim Assistance Program and the types of assistance that may be available to you,” she continued.
The FBI began looking into the Canadian exchange in March last year, some three months after its CEO Gerald Cotten is said to have died in India due to complications related to Crohn’s disease.
According to Vanity Fair , QuadrigaCX was processing nearly $2 billion in trades across 363,000 individual accounts back in 2017, and remained one of Canada’s largest cryptocurrency exchanges.
Cotten is said to have operated the exchange from his MacBook, and while reports indicate he’d set a “dead man’s switch” that would forward access to the cryptocurrency keys required to handle up to $250 million worth of customer funds still in play, Cotten’s sudden disappearance has left users entirely out-of-pocket.
The circumstances surrounding his death are indeed mysterious, which has led up to four international agencies to investigate the matter.
In December last year, lawyers representing QuadrigaCX users submitted a request to exhume Cotten’s body to confirm he’s actually deceased, as skepticism surrounding the legitimacy of his passing grew.
However grim, it appears no progress has been made to dig up Cotten’s body.
You can read more about the epic and curious QuadrigaCX saga here.