Hackers Are Stealing Crypto Thanks To Typing Mistakes

Hackers Are Stealing Crypto Thanks To Typing Mistakes

A group of hackers has successfully introduced malware in Windows-based PCs and Android phones with the help of typing mistakes.

Typosquatting is the technique that these hackers have leveraged, which involves registering domain names that are quite close to those of official organizations and brands.

This allows hackers to get private keys and data from unsuspected users.

Typing mistakes

A digital risk assessment and cybersecurity company called Cyble issued a report, which disclosed that a number of malware-infected domains have been established by hackers.

It said that these were designed to take advantage of the typing inaccuracies of users who are interested in going to a certain website.

These domains are designed to mimic well-known apps and organizations, such as Apkcombo, Apkure, and Google Play Store.

The users visiting these domains are asked to download a version of the app that is infected, which is used as a means of infecting their devices.

Whether it is a Windows-based PC, or an Android phone, the target device is then infected with ERMAC, which is a malware Trojan that enables the hackers to gain access to private data in the said device.

This includes private keys. The banking Trojan had first been identified last year and attackers are now using it to target more than 460 apps after paying $5,000 a month for it.

More sites and brands

The report from Cybel only disclosed evidence applicable to some brands and apps that were being mimicked, another security source investigated it further.

It confirmed that at least 27 apps and brand names were being targeted in such attacks. These include Snapchat, Tiktok, Paypal, Vidmate, and more dev-focused apps like the Tor Browser and Notepad+.

The list also includes crypto mining and crypto wallet apps and related websites. Some of the websites that are targeted include Cosmos Wallet, Tronlink, Ethermine, Phantom, and Metamask.

There are a variety of typo-squatted domains that have been registered for each of these fake domains, as the goal of the threat actors is to maximize the damage and effect of the attack.

Recommendations

A number of recommendations were also put forward by Cybel for avoiding such an attack, which includes installing an effective antivirus to protect your PC and phone.

Likewise, it also suggested that users monitor their banking accounts and their wallets on a regular basis. But, the best advice that is given in such situations is to be careful when you are opening a website.

Rather than typing out the domains, which can lead to typing mistakes, it is best to arrive at web pages of apps and software via the use of a search engine.

This means that users should avoid links that are included in any advertising campaigns or not follow the directions given on blogs.

Likewise, it is best to not type on your own because even a small mistake could lead you to the wrong page and before you know it, you will have an infected device.