New Anubis Data-Stealing Malware Targets Cryptocurrency

anubis cryptocurrency theftCryptocurrency has been mainstream for years. Like with everything else of value, there are people trying to steal it. Cybercriminals have come up with various ways to try to get their hands on cryptocurrency. Microsoft has warned the public of one more threat to their crypto wallets. This new malware is called Anubis Stealer, suspected as a variation of Anubis Ransomware and the Anubis Trojan, and it targets the wallets of Windows users.

According to Microsoft Security Intelligence (MSI), Anubis uses code which was probably borrowed from Loki and then significantly modified. The purpose of this threat is to get access to system information and any kind of financial data including credit card data, account credentials and crypto wallets. Naturally, all this information is then exfiltrated and delivered to the cybercriminals operating Anubis. The information is sent using an HTTP POST request.

MSI noted that at this point there seem to be a limited number of campaigns that spread Anubis. There are a few known URLs and C2 (command and control) servers utilized by the cybercriminals. One of Loki’s infection vectors was phishing and the operators of Anubis may use that method as well. Windows users who have cryptocurrency wallets should do their best to avoid getting infected. The usual best practices for safe internet use must be applied at all times.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.