Hackers Take Advantage of Typos to Steal Cryptocurrency – Security Bitcoin News
A group of hackers has taken advantage of typos to deliver malware to Android phones and Windows-based PCs. Using a technique called typosquatting, which consists of registering domains that closely resemble the official domains of brands and organizations, hackers obtain data and private keys from unsuspecting users, according to a report issued by Cyble.
Entering a web domain incorrectly can be dangerous for your wallet
Hackers have set up a web of malware-laden domains that take advantage of the typing errors users make when entering the address of a particular website. According to a report issued by Cyble, a cybersecurity and digital risk assessment firm, these domains impersonate well-known organizations and apps, such as the Google Play Store, APKPure, and APKCombo, among others.
Users visiting the domains are prompted to download an infected version of the requested app, which acts as the vehicle for the infection. The target device, be it an Android phone or a Windows PC, is then infected with a version of ERMAC, a malware trojan that gives the threat actors access to critical private data on the target device, including private keys.
The banking trojan was first discovered in 2021 and now targets more than 460 applications; attackers can rent it for $5,000 a month.
Hackers targeting multiple websites and involved brands
While the aforementioned report only found evidence of a small group of apps and brands being imitated, further investigation by another security source confirmed that at least 27 brands and app names are being targeted by this type of attack. Among these are TikTok, Vidmate, Snapchat, PayPal and even more development-focused apps like Notepad++ and the Tor browser.
Cryptocurrency wallets, crypto mining and related sites are also on the list. TronLink, MetaMask, Phantom, Cosmos Wallet and Ethermine are part of the group of sites also targeted. Each of these brands has several different typo domains registered, to maximize the impact and damage of the attack.
Cyble provides various recommendations to avoid this type of attack, including having an effective antivirus that protects your phone and PC, and monitoring wallets and bank accounts regularly. However, the best advice is to reach the websites of software and apps through a search engine, and to avoid following directions and links that appear on blogs as part of advertising campaigns.
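For defenders, the typosquatting pattern described above can be checked against DNS or proxy logs by measuring how close each visited hostname is to a protected brand domain. The following is an added example, not code from the Cyble report or this article; the brand list, the observed hostnames and the distance threshold of 2 are assumptions constructed for illustration.

```python
# Added example: flag look-alike domains seen in DNS or proxy logs.
# PROTECTED and OBSERVED are constructed for illustration, not taken from the report.
PROTECTED = ["metamask.io", "paypal.com", "snapchat.com", "tiktok.com"]
OBSERVED = ["www.paypal.com", "m.paypal.com", "paypa1.com",
            "snapchta.com", "metamsk.io", "example.org"]


def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # swapped neighbours
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(host: str, protected=PROTECTED, max_dist: int = 2):
    """Return (brand_domain, distance) for a suspected typosquat, else None."""
    host = host.strip().lower().rstrip(".")
    for brand in protected:
        # The real site and its own subdomains are never flagged.
        if host == brand or host.endswith("." + brand):
            return None
    hits = [(osa_distance(host, brand), brand) for brand in protected]
    dist, brand = min(hits)
    return (brand, dist) if dist <= max_dist else None


def scan(hosts):
    """Map each suspicious host to the brand it imitates."""
    return {h: r for h in hosts if (r := classify(h))}


if __name__ == "__main__":
    for host, (brand, dist) in scan(OBSERVED).items():
        print(f"{host}: looks like {brand} (distance {dist})")
```

Short brand names produce more false positives at a fixed threshold, so in practice the threshold is tuned per brand and hits are reviewed before blocking.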