Email phishing campaign targeting Bitcoin with Orcus RAT


A phishing email campaign is specifically targeting Bitcoin investors, posing as an announcement offering the new Bitcoin trading bot, Gunbot. However, the email is actually distributing the Orcus RAT malware which, rather than generating profit, can result in the loss of investments.

The spam email includes an attached archive containing a VBScript file which, when executed, downloads a PE binary file disguised as a JPEG image. The downloaded executable contains three further embedded PE executables, among which the Orcus RAT server can be found.
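A defender-side check for the disguise described above, as an added example that is not part of the original post: it flags a file whose name claims JPEG while its bytes are a PE image, and lists any further PE headers embedded inside it. The file names and sample bytes are constructed, and the `e_lfanew` bound is a heuristic assumption.

```python
import struct

JPEG_MAGIC = b"\xff\xd8\xff"

def pe_offsets(data: bytes) -> list:
    """Offsets of every DOS header in data whose e_lfanew points at a PE signature."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew lives at offset 0x3C of the DOS header
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            # Heuristic bound (assumption) to discard random "MZ" byte pairs
            if 0x40 <= e_lfanew < 0x1000 and data[sig:sig + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def classify(name: str, data: bytes) -> dict:
    """Compare what the file name claims with what the bytes actually are."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    claims_jpeg = ext in {"jpg", "jpeg"}
    is_jpeg = data.startswith(JPEG_MAGIC)
    offsets = pe_offsets(data)
    return {
        "is_jpeg": is_jpeg,
        "is_pe": offsets[:1] == [0],
        "embedded_pe": [o for o in offsets if o != 0],
        "disguised": claims_jpeg and not is_jpeg and offsets[:1] == [0],
    }

def fake_pe(pad: int) -> bytes:
    """Constructed stand-in: 0x40-byte DOS header, PE signature, zero padding."""
    return b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0" + b"\0" * pad

# Constructed samples: an outer image carrying three embedded ones, and a JPEG prefix
SAMPLE_DROPPER = fake_pe(32) + fake_pe(16) * 3
SAMPLE_JPEG = JPEG_MAGIC + b"\xe0" + b"\0" * 32

if __name__ == "__main__":
    for name, blob in (("image.jpg", SAMPLE_DROPPER), ("photo.jpg", SAMPLE_JPEG)):
        print(name, classify(name, blob))
```

The same comparison can be applied at a mail gateway or web proxy, where a response named or typed as an image but starting with `MZ` is worth an alert on its own.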

Orcus enables attackers to load custom plugins developed by users, as well as plugins that are readily available from the Orcus repository. In addition, it can activate a device’s microphone and webcam whilst disabling webcam light indicators, use a plugin available from the repository to perform DDoS attacks, and perform password retrieval and keylogging.
