{"id":409,"date":"2021-12-17T20:09:21","date_gmt":"2021-12-17T20:09:21","guid":{"rendered":"http:\/\/cryptoheretostay.com\/?p=409"},"modified":"2021-12-17T20:09:22","modified_gmt":"2021-12-17T20:09:22","slug":"researchers-spot-new-cryptocurrency-stealing-malware-advertised-under-a-subscription-model","status":"publish","type":"post","link":"https:\/\/cryptoheretostay.com\/?p=409","title":{"rendered":"Researchers Spot New Cryptocurrency Stealing Malware Advertised Under a Subscription Model"},"content":{"rendered":"<p> <script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"crypto\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<\/p>\n<p><strong>A cryptocurrency-related malware program has been advertised on darknet forums as the \u201cleading way to make money in 2021,\u201d raising alarms among the cybersecurity community. Palo Alto Networks published a report on the malicious app Westeal, detailing the author\u2019s ties with other types of malware that steals major streaming services accounts.<\/strong><\/p>\n<h2 style=\"text-align: center;\">Westeal Claims to Be Immune Against Major Antivirus Software<\/h2>\n<p>According to the cybersecurity firm, \u201cWesteal\u201d is an evolution of \u201cWesupply Crypto Stealer,\u201d another malicious crypto software that has been sold since May 2020. Findings suggest that Wesupply\u2019s evolution has been advertised since mid-February 2021.<\/p>\n<p>The study points out that Westeal was designed to basically steal bitcoin (BTC) and ethereum (ETH) coming in and out of the victim\u2019s wallet through their clipboard.<\/p>\n<p>Moreover, people who acquire the malicious app get access to a web panel to handle all the operations, including a \u201cvictim tracker panel.\u201d<\/p>\n<p>A detail that raises concerns from Palo Alto Networks is the fact that Westeal is reportedly immune to major antivirus software.<\/p>\n<p>The malware works with a subscription model, and \u201cComplexcodes,\u201d the anon author of the app, profits by charging 20 euros ($24) monthly, 50 euros ($60) for three months, and 125 euros ($150) yearly.<\/p>\n<h2 style=\"text-align: center;\">The Malware Is a \u2018Shameless\u2019 Crypto Stealer, Researchers Say<\/h2>\n<p>The cybersecurity firm provides more details on the malware:<\/p>\n<p>In order to \u201csteal\u201d cryptocurrency from a victim, Westeal uses regular expressions to look for strings matching the patterns of bitcoin and ethereum wallet identifiers being copied to the clipboard. When it matches these, it replaces the copied wallet ID in the clipboard with one supplied by the malware. The victim then pastes the substituted wallet ID for a transaction, and the funds are sent instead to the substitute wallet.<\/p>\n<p>Still, Palo Alto Networks qualifies Westeal as a \u201cshameless\u201d malware:<\/p>\n<p>Westeal is a shameless piece of commodity malware with a single, illicit function. Its simplicity is matched by a likely simple effectiveness in the theft of cryptocurrency. The low-sophistication actors who purchase and deploy this malware are thieves, no less so than street pickpockets. Their crimes are as real as their victims. The fast and simple monetization chain and anonymity of cryptocurrency theft, together with the low cost and simplicity of operation, will undoubtedly make this type of crimeware attractive and popular to less-skilled thieves.<\/p>\n<p><em><strong>What are your thoughts on this cryptocurrency malware recently spotted? Let us know in the comments section below.<\/strong><\/em><\/p>\n<p>Felipe Erazo <\/p>\n<p class=\"article__body__author__info__about\">\nBorn in Colombia, Felipe earned a degree in journalism at the University of Chile with the highest honor in the overall ranking and holds a Bachelor of Arts in Social Communication. He is a writer with more than nine years of experience, first in the Forex field and later in the crypto industry as an analyst\/news junkie. Among his interest topics include human rights, decentralization, financial markets, geopolitics, sports, and new technologies. An inveterate traveler, and always attracted to a good plate of food.<\/p>\n<p><i class=\"td-icon-font td-icon-linkedin\"\/><\/p>\n<p><i class=\"td-icon-font td-icon-mail-1\"\/><\/p>\n<p><i class=\"td-icon-font td-icon-twitter\"\/><\/p>\n<p class=\"images_credits\"><em>Image Credits: Shutterstock, Pixabay, Wiki Commons<\/em><\/p>\n<p><strong>Disclaimer<\/strong>: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.<\/p>\n<p>More Popular NewsIn Case You Missed It<\/p>\n<p><script type=\"text\/javascript\">\r\namzn_assoc_placement = \"adunit0\";\r\namzn_assoc_tracking_id = \"totafreearti-20\";\r\namzn_assoc_ad_mode = \"search\";\r\namzn_assoc_ad_type = \"smart\";\r\namzn_assoc_marketplace = \"amazon\";\r\namzn_assoc_region = \"US\";\r\namzn_assoc_default_search_phrase = \"bitcoin\";\r\namzn_assoc_default_category = \"All\";\r\namzn_assoc_search_bar = \"false\";\r\namzn_assoc_title = \"\";\r\namzn_assoc_rows =\"1\";\r\n<\/script>\r\n<script src=\"\/\/z-na.amazon-adsystem.com\/widgets\/onejs?MarketPlace=US\"><\/script><br \/>\n<br \/><a href=\"https:\/\/news.bitcoin.com\/researchers-spot-new-cryptocurrency-stealing-malware-advertised-under-a-subscription-model\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A cryptocurrency-related malware program has been advertised on darknet forums as the \u201cleading way to make money in 2021,\u201d raising alarms among the cybersecurity community. Palo Alto Networks published a report on the malicious app Westeal, detailing the author\u2019s ties with other types of malware that steals major streaming services accounts. Westeal Claims to Be [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":410,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[1],"tags":[],"class_list":["post-409","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-updates"],"_links":{"self":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/409","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=409"}],"version-history":[{"count":1,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/409\/revisions"}],"predecessor-version":[{"id":411,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/409\/revisions\/411"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/media\/410"}],"wp:attachment":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=409"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=409"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=409"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}