Trusted

Pennywise the YouTube Crypto Thief – Even Eviler Than You Thought

2 mins
Updated by
Join our Trading Community on Telegram

In Brief

  • Security experts have warned of a new malware that could cost victims all their crypto holdings.
  • The malware lurks on YouTube and over two dozen crypto wallets are at risk.
  • Malware has continued to plague the crypto industry with billions of dollars lost to hackers in the first half of 2022.
  • promo

YouTube users are being warned to be vigilant after a new variant of crypto-malware designed to steal data from 30 crypto wallets was identified.

Pennywise, named after the malevolent clown in Stephen King’s novel It, is designed to trick users into downloading malware, said cyber intelligence company Cyble.

The malware is masked as free Bitcoin mining software by hackers, said Cyble. Popular video-sharing site YouTube appears to be the primary means of spreading the malware as hackers have made over 70 videos with links in the description for victims to download the “mining software.”

After downloading the malware, victims are instructed to disable their anti-virus after being tricked by a virus-free file. The rest of the malware is downloaded into the victim’s device, and the use of an unknown encrypter makes debugging a herculean task.

Pennywise takes things up a notch by using multithreading to steal data at a faster pace.

The malware has the ability to take screenshots and access data from discussion platforms like Telegram and Discord. “Though the stealer is fresh, the Threat Actor (s) has already rolled an updated version, 1.3.4.,” said Cyble.

YouTube malware targets browsers and wallets

Pennywise casts a large shadow with several kinds of wallets coming under direct threat from the malware. 

The report noted that the malware currently targets over 30 kinds of Chrome-based browsers, five Mozilla-based browsers, and the Microsoft Edge browser. Cold wallets are also targeted by the malware.

Pennywise targets victims globally but excludes individuals from Russia, Belarus, Ukraine, and Kazakhstan. 

Cyble notes that the exclusion of these countries is probably “to avoid scrutiny by Law Enforcement Agencies.”

Individuals have been advised to avoid clicking on suspicious links on the internet, use a strong password and enable two-factor authentication (2FA) on accounts.

The rise of crypto malware

Crypto malware costs investors billions in losses. Colonial Pipeline fell victim in 2021 and the company had to pay $4.4 million as ransom to the attackers, widely considered to be DarkSide. 

Now law enforcement agencies have begun to fight back. Last week, a member of the NetWalker ransomware gang was arraigned and pleaded guilty to charges of money laundering in a U.S. court. 

NetWalker has racked up illicit proceeds of nearly $50 million since it started operations in 2020, with hospitals and schools being their primary targets.

Top crypto projects in the US | November 2024
Coinrule Coinrule Explore
Coinbase Coinbase Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinrule Coinrule Explore
Coinbase Coinbase Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Wahid.jpg
Wahid Pessarlay
Wahid loves to write, especially about Crypto and Blockchain. He started his blogging journey in 2017 and turned to crypto in 2019. Wahid is interested in tech, chess and DeFi. He aims to promote decentralization to everyone on the planet.
READ FULL BIO
Sponsored
Sponsored