Bitcoin has grown exponentially over the past year or so, and this has made many hackers and malicious actors want to target cryptocurrency owners. Now, a new strain of bitcoin-based malware called “Save Yourself” is making the rounds, and while analysts have been warning enthusiasts about it for the past week, it seems to be much worse than originally thought.
How to “Save Yourself” from Malware
Save Yourself has been here for some time. Originally, it was a form of malware designed to record you through your computer’s webcam. Typically, footage would be taken (or allegedly be taken) of individuals who had a tendency to view “dirty websites.” Whatever footage was captured by the hackers ultimately became the object of blackmail. Either pay a digital currency ransom or face the music and have your footage released to the world. Pretty embarrassing…
But now it appears the malware does so much more. Aside from capturing recordings of you and gaining access to your webcam, it also appears to be a cryptojacking tool that mines other cryptocurrencies from your computer or mobile device.
Cryptojacking has become one of the most prolific kinds of attacks and is a very popular way for hackers to garner funds. Once malware is downloaded to a computer, the hacker can potentially utilize your device from a distance and command it to mine cryptocurrencies. Typically, the target is Monero, which is popular amongst cyberthieves given its quasi-anonymous properties.
The hacker ultimately gets his fingers on profits that he (or she) never earned, while the person who owns the computer gets nothing except the heavy energy bills that they get stuck with at the end of each month. Of course, the original owner never gave permission for their computer to be used in the first place.
Some of the Dangers at Hand
In addition to cryptojacking and recording, the malware can potentially compromise bitcoin and digital currency wallets, according to researchers from Reason Security. In a blog post, the researchers explain:
“The malware is responsible for sending several spam emails as part of a sextortion campaign, where the goal is to trick the recipient into believing their computer has been infected and that their browsing details will be published unless they pay an extortion fee. The malware uses the computer as a proxy station to send blackmail emails to users and uses the CPU for Monero mining. To maintain a low profile, the malware will use only 50 percent of the CPU’s capability… [and] can also read clipboard data and replace bitcoin wallet addresses with its own address.”
Even more dangerous is that the hackers are now switching from BTC ransoms to Litecoin ransoms as a means of looking less dodgy and lowering their chances of getting caught.