Investing.com - Financial Markets Worldwide
Get 40% Off
Get 40% Off
⚠ Earnings Alert! Which stocks are poised to surge?
See the stocks on our ProPicks radar. These strategies gained 19.7% year-to-date.
Unlock full list

Google Chrome Extension, VenomSoftX Steals Cryptocurrency, Passwords

Published 2022-11-22, 06:45 a/m
Updated 2022-11-22, 06:45 a/m
© Reuters. Google Chrome Extension, VenomSoftX Steals Cryptocurrency, Passwords

  • VenomSoftX was deployed by ViperSoftX Windows malware to steal clipboard contents.
  • ViperSoftX Windows malware acted as a JavaScript-based RAT and crypto hijacker.
  • VenomSoftX targeted crypto exchanges like Blockchain.com, Binance, Coinbase (NASDAQ:COIN), Gate.io, and Kucoin.

According to the latest reports, Google (NASDAQ:GOOGL) Chrome browser extension named ‘VenomSoftX’ is stealing cryptocurrencies and information like passwords. VenomSoftX was deployed by Windows malware to steal clipboard contents too while users browse the web.

This Chrome extension was reportedly installed by the ViperSoftX Windows malware. The malware acted as a JavaScript-based RAT (remote access trojan) and crypto hijacker.

Furthemore, the report revealed that since the beginning of 2022, Avast Threat Labs has detected and successfully terminated about 93,000 ViperSoftX infection attempts happening with users from the US, Italy, India and Brazil.

Avast probed the wallet addresses hard-fixed in ViperSoftX and VenomSoftX samples and found that the wallets together made nearly $130,000 by November 8, 2022.

VenomSoftX stole crypto by hooking API requests on a few leading crypto exchanges used by victims, states reports.

The Avast report read:

“When a certain API is called, for example, to send money, VenomSoftX tampers with the request before it is sent to redirect the money to the attacker instead.”

The services targeted by VenomSoftX included crypto exchanges like Blockchain.com, Binance, Coinbase, Gate.io, and Kucoin. Strikingly, the extension also kept an eye on the clipboard for adding more wallet addresses.

VenomSoftX could also tamper with HTML on websites to publicize the user’s crypto wallet address and also modify the parts in the background to redirect payments to the threat actor. The VenomSoftX extension also intercepts all API requests to the crypto services to determine the victim’s assets.The extension would then change the transaction amount to the maximum figure available and draw off funds over the time.

The post Google Chrome Extension, VenomSoftX Steals Cryptocurrency, Passwords appeared first on Coin Edition.

Latest comments

Install Our App
Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.