Panda Stealer Targets Cryptocurrency Wallets and Web Browsers
The potential profits that cryptocurrency investments can bring have attracted millions of investors from around the world, and, unfortunately, many of them are likely to become the targets of scammers and cybercriminals. If you have viewed any popular cryptocurrency page on Twitter, you may have noticed fake profiles offering cryptocurrency giveaways. However, in order to participate, users must send some crypto to an unknown wallet. This is one of the most popular scams, and, thankfully, people are aware of them and know how to dodge them. However, there are more sophisticated methods that cybercriminals use to steal your precious coins – sometimes, they rely on malware like the Panda Stealer.
What is Panda Stealer exactly? Typically, infostealers put emphasis on stealing data from Web browsers, but this one is different – its top priority is hijacking cryptocurrency wallets. Of course, this is not its only feature – it also supports some of the malicious tasks that typical infostealers carry out.
Once the Panda Stealer is deployed on a computer, it will start working in the background and automatically scan the system for particular cryptocurrency wallet software, Windows apps, and other files. It is able to:
- Steal wallet addresses and private keys used by Bytecoin, Dash, Ethereum, Chia, and Litecoin.
- Steal client files and sessions from NordVPN, Telegram, Discord, and Steam.
- Grab screenshots.
- Steal databases of Web browsers – these include passwords, cookies, history, bookmarks, and more data.
The malware is being actively spread through fake email messages, which carry a malicious Microsoft Excel attachment. We advise you to be careful when viewing unexpected emails, especially if they urge you to download a file attachment – this is one of the most popular tricks that cybercriminals use to spread their malicious applications. To make sure that you will not accidentally launch a dangerous app on your PC, you should use an up-to-date anti-malware application.