According to Finance Magnates on Aug. 9, Security researchers have revealed a new remote-access trojan for sale on the dark web that’s attacking hardware to monitor trading and cryptocurrency-related activities.
Per the report, the team behind the research, Zscaler ThreatLabZ discovered the new malware dubbed 'Saefko' written in .NET with multiple functionalities, belonging "to the Remote Access Tool (RAT) family".
The malware reportedly gives easy access to cyber criminals to take over accounts and automate fraud when installed on any device, using various tactis to collect information from web browsers, specifically it goes to Chrome browser history and collects information regarding credit cards, social media logins, gaming, cryptocurrency, etc.
The malware searches some crypto websites that have been visited by the infected user and sends collected data to its server for further instructions. Websites already visited includes crypto exchanges and some of the top crypto related news platforms.
Furthermore, the publication says "Saefko only installs itself if it thinks it will go undetected and after one computer on a network is infected, the malware will try to infect other systems on the network to spread the infection."
Quoting one of the statement from the team, which advises crypto investors to be extremely careful, the report says:
“To protect systems from RATs, users must refrain from downloading programs or opening attachments that aren’t from a trusted source. At the administrative level, it’s always a good idea to block unused ports, turn off unused services, and monitor outgoing traffic. Attackers are often careful to prevent the malware from doing too much activity at once, which would slow down the system and possibly attract the attention of the user and IT,” it explains.