Trusteer researchers have analyzed the Gameover malware

Dec 19, 2013 09:15 GMT

The value of Bitcoin is dropping, but that doesn’t mean that cybercriminals have stopped targeting those who own digital currency. Researchers have recently spotted a version of the ZeuS malware that targets the customers of BTC China, the country’s largest Bitcoin exchange.

Earlier this month, Trusteer researchers reported spotting a variant of the Citadel malware designed to capture screenshots of Bitcoin-related websites. Now, experts say that they’ve also identified a version of the ZeuS malware (Gameover) designed to target BTC China and other Bitcoin exchanges.

According to Trusteer, this Gameover malware waits for the owners of infected computers to visit the BTC China website. When they do, the threat steals their usernames and passwords, and hijacks their accounts.

What’s interesting to note is that after the Trojan steals the credentials, it suspends the session temporarily. It does this because the cybercriminals might also need the victim’s one-time password (OTP).

The OTP can be obtained via a fake window injected into the session, which instructs the user to hand over the OTP, supposedly as a security measure.

Cybercriminals are increasingly using Bitcoins to launder their criminal proceeds. They’re also increasingly targeting the virtual currency. However, experts say they don’t appear to trust it enough to keep their capital in Bitcoin.

Judging by discussions on underground forums, many still consider the currency too volatile, so they prefer to stick to the old payment systems, such as WebMoney.

“Rather, criminals use the currency as a middleman for laundering funds without leaving any tracks,” Trusteer’s Etay Maor noted in a blog post.

“It seems cybercriminals are not Bitcoins value speculators – they are interested in quickly monetizing stolen Bitcoins or using them as a money laundering mechanism.”