Quote:A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private keys and ultimately to drain their wallets.
The never-before-seen RAT at the center of the campaign, which researchers dub ElectroRAT, is written in the Go programming language and is compiled to target a number of different operating systems, including Windows, Linux and MacOS.
The campaign was discovered in December 2020 – but researchers believe it initially began a year ago, and estimate that at least 6,500 victims have been infected, based on the number of unique visitors to the Pastebin pages used to locate command and control (C2) servers.
“ElectroRAT is extremely intrusive,” according to Intezer researchers in a Tuesday morning analysis. “It has various capabilities such as keylogging, taking screenshots, uploading files from disk, downloading files and executing commands on the victim’s console. The malware has similar capabilities for its Windows, Linux and MacOS variants.”
Read more: https://threatpost.com/telegram-triangul...ns/162762/
![[-]](https://www.geeks.fyi/images/collapse.png)
