• ESET researchers discovered copycat Telegram and WhatsApp websites targeting Android and Windows users with trojanized versions of these popular instant messaging apps.
• These malicious apps are classified as clippers, a form of malware that either steals or alters clipboard contents.
• Additionally, some of these apps employ optical character recognition (OCR) technology to identify text within screenshots saved on the infected devices.
Hackers Target Crypto Through Trojanized Apps
ESET researchers recently discovered many copycat Telegram and WhatsApp websites targeting Android and Windows users with trojanized versions of instant messaging apps, all designed to steal victims‘ cryptos. The malicious apps are classified as clippers, a form of malware that either steals or alters clipboard contents in order to intercept cryptocurrency wallet addresses from victims‘ messaging interactions and substitute them with those controlled by the attackers. Some of these apps also employ optical character recognition (OCR) technology to identify text within screenshots saved on the infected devices.
Clipper Malware: A New Frontier for Cyber Criminals
This is the first time that Android clippers have been found built into instant messaging apps, marking a new frontier for cybercriminals targeting the growing number of people using cryptocurrencies. The primary objective of these clippers is to intercept victims‘ cryptocurrency funds, allowing cybercriminals to pilfer funds from unwitting users who rely on the trojanized apps for conducting cryptocurrency transactions. Additionally, there were also malicious Windows versions of these same apps bundled with remote access trojans (RATs), which provide attackers with even more control over the victims‘ devices in order to steal sensitive information and perform other malicious activities.
Google Play Enhances Security After Discovery
Prior to the establishment of App Defense Alliance, ESET researchers discovered the first Android clipper on Google Play. As a result of this discovery, Google enhanced Android security by limiting system-wide clipboard operations for background apps on Android versions 10 and above. This was done in order to protect unsuspecting users who unknowingly download malicious applications through unofficial sources rather than through legitimate app stores like Google Play Store or Apple App Store.
Tips For Avoiding Clipper Malware Attacks
In order to avoid becoming a victim of this type of attack it is important for users not only be aware but also practice good cybersecurity hygiene practices such as:
• Only installing applications from official app stores; • Regularly updating mobile operating systems; • Using two-factor authentication when available; • Utilizing strong passwords and password managers; • Implementing endpoint security software solutions;
• Silicon Valley Bank’s stock offering of $1.75 billion and General Atlantic’s purchase of $500 million common stock have caused investors to sell their shares, leading to a dramatic decrease in the shares of SVB Financial Group.
• Hedge funds such as Peter Thiel’s Founders Fund and Pantera Capital have recommended that portfolio firms remove their cash from the bank.
• Several cryptocurrency firms are now looking for other banking choices as difficulties arise with Silicon Valley Bank.
Silicon Valley Bank Stock Plummets
The announcement of a stock offering of $1.75 billion by Silicon Valley Bank and a separate purchase of $500 million common stock by private equity firm General Atlantic has caused investor panic and led to a dramatic decrease in the shares of SVB Financial Group, the bank’s parent business, which plunged by more than 60%. Pre-market trading on March 10 saw an additional 44% loss in SVB Financial Group’s shares.
Hedge Funds Recommend Removing Assets
Peter Thiel’s Founders Fund and Pantera Capital, both hedge funds and venture investors, have recommended that portfolio firms remove their cash from Silicon Valley Bank due to its uncertain financial state. Bloomberg reported that five more venture capital investors in cryptocurrency have also given this advice but requested that their names not be used owing to the commercial sensitivities involved.
Crypto Firms Seeking Alternatives
With the failure of Silvergate Bank earlier this week, crypto-focused businesses are looking for alternative banking options as issues arise with Silicon Valley Bank. Several users have brought difficulty logging into accounts at SVB to Twitter’s attention. Despite working with over 2,600 customers in the financial technology industry alone according to its website, difficulties remain for many crypto companies seeking banking services from Silicon Valley Bank.
Widespread Panic Among Traders
The sudden plunge in SVB Financial Group’s shares has led to widespread panic among traders investing both in stocks and cryptocurrencies alike. As uncertainty continues over Silicon Valley Bank’s ability to remain solvent, some venture capital investors fear further losses if assets are not removed quickly enough from the bank’s balance sheet.
Future Uncertainty For Crypto Companies
It remains unclear whether or not Silicon Valley Bank will be able to successfully recover from this financial crisis or what consequences further losses could bring for venture-backed technology businesses located in the United States who depend upon it for secure banking services moving forward
• Ethereum developers have released a new software feature called EntryPoint that allows wallets to act as smart contracts.
• EntryPoint is an optional feature offered by crypto wallet providers to enable features like automated payments, account recovery, and two-factor authentication recovery options.
• The security of the architecture allowing for account abstraction on various Ethereum based protocols relies on how securely it is implemented in one contract.
Ethereum Update Enables Wallets as Smart Contracts
Ethereum (ETH) developers have recently released a software feature called EntryPoint that allows wallet accounts to operate as smart contracts. This feature enables users to take advantage of „account abstraction,“ which simplifies complex tasks without the need for manual blockchain interaction. Account abstraction can provide users with advanced features such as automated payments, account recovery, two-factor authentication recovery options and native multi-signatures.
EntryPoint has undergone a thorough security audit conducted by OpenZeppelin and is now available on multiple blockchain networks including Ethereum, Polygon, Arbitrum and BNB Chain. Entry Point functions as a smart contract meant to be used by third parties; ensuring safe implementation of wallet abstractions within the protocol level. It is described in detail in Ethereum Request for Comments (ERC) 4337 which explains further features such as automated payments and two-factor authentication recovery options.
User Experience Improvement
The overall user experience of cryptocurrency wallets will be improved thanks to the introduction of EntryPoint due to its ability to provide “smart wallet” features like two-factor authentication recovery options and native multi-signatures making them more accessible and intuitive for users.
In order for the architecture enabling account abstraction across all these protocols to be secure, it must go through a rigorous auditing process described in ERC 4337 before being implemented into one contract known as “EntryPoint” which holds all trust points associated with this system.
The development of EntryPoint is great news for cryptocurrency users looking for additional convenience when using their wallets while maintaining high levels of security due to the extensive auditing process conducted prior its launch.