A new computer virus called Erbium focuses on compromising credit card information and login credentials for Chromium browsers (Microsoft Edge, Firefox, Chrome), but it can also hack into cryptocurrency wallets. Crypto wallets are secured by their cryptographic keys – a public key and a private key. This form of cryptography is among the most secure in existence today, though quantum computers may pose a threat in the future.
On the other hand, hardware crypto wallets (or ‘cold wallets’) store the private key on a physical device, making it unobtainable through any means, and are the highest standard of security for storing digital assets. Until now, no virus or hacker has ever succeeded in obtaining a hardware wallet’s private key, but browser wallets (or ‘hot wallets’) are known to be vulnerable to malware.
According to BeInCrypto, the Erbium virus is a ‘Malware-As-A-Service’ type of ransomware, and is currently offered as a $100 per month or $1,000 per year subscription plan. It even has its own customer support line. Along with stealing auto-complete data and credit card information, it can hack cryptocurrency browser wallets, and (for what may be the first time in blockchain history), some hardware wallets too. Normally, stealing cryptocurrency requires malicious links or phishing attacks that trick their owner into signing away their holdings, but some malware programs are capable of stealing a browser wallet’s private key when it is used to sign a transaction. However, until Erbium, none have been able to crack hardware wallets. According to a blog post by DuskRise, Erbium has been able to compromise Exodus, Ethereum, Litecoin-Core, Monero-Core, and Bytecoin hardware wallets, and can steal passwords from the Trezor passwords manager, making it possibly the first of its kind to be able to crack hardware wallets.
Update Your Antivirus And Don’t Download Sketchy Files
For now, Erbium spreads through infected files, which are mostly cracked game downloads and cheats at the moment, but like many viruses, it will be used to infect email attachments and other downloads in the future. Updating antivirus software, or obtaining a free or paid antivirus program, should be a user’s highest priority at this time. Users should always double-check email addresses that contain attachments before downloading them, and should stay away from torrent sites and any unwarranted download links if there’s any doubt about their antivirus protection.
While Erbium has been around for a few months now, it is beginning to pick up traction with ransomware hackers thanks to its ability to steal credit card data, login credentials, 2FA app codes, Steam and Discord tokens, Telegram authentications, and crack crypto wallets (including hardware wallets). Users will need to be vigilant to protect themselves and their crypto holdings from the Erbium virus.
Source: BeInCrypto, DuskRise
Read More: screenrant.com