A report jointly prepared by the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre has revealed a new Russian malware threat called Infamous Chisel, which is used to target cryptocurrency wallets and exchange applications.
Joint FBI and GCHQ Report Reveals Chisel Malware Targeting Cryptocurrency
The malware has been linked to the activities of a hacking unit known as Sandworm within Russia's GRU military intelligence agency. This unit is known for targeting the Ukrainian army.
Infamous Chisel was developed to provide persistent access to Android devices over the Tor network and to periodically collect and transmit victim data from these devices.
To collect this data, the malware searches for specific application directories on Android devices.
These include the directories of the popular Web3 browser Brave, cryptocurrency exchange apps such as Binance and Coinbase, the Trust crypto wallet, and the messaging platforms Telegram and Discord.
Additionally, it targets the Android Keystore system used to store private keys and extracts all files in these directories.
As the value of digital assets increases, cybercriminals are constantly developing new methods to breach security protocols. Experts recommend that users pay attention to security steps when using stock market applications.