Get a Pentest and security assessment of your IT network.

Cyber Security

Glupteba Malware Uses Bitcoin Blockchain to Update C2 Domains

A new variant of the Glupteba malware dropper is using Bitcoin to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes. The new variant uses Bitcoin transactions info parsed from a hardcoded Bitcoin address to retrieve C2 server addresses using a discoverDomain function designed to work on a schedule or when triggered by the attackers. The info stealer component added to this new variant makes it possible to collect browser profiles, cookies, and accounts names, and to extract saved passwords from Google Chrome, Opera, and Yandex web browsers.

Source: https://www.bleepingcomputer.com/news/security/glupteba-malware-uses-bitcoin-blockchain-to-update-c2-domains/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation