Dutch computer scientists have made a significant discovery: the well-known Ebury virus is connected to the theft of a lot of cryptocurrency. According to ESET, a Slovakian company, this virus has taken over more than 400,000 computers in the past 15 years.
The Dutch National High Tech Crime Unit (NHTCU) found it in 2021 while looking into something else, on a computer that had been used to break crypto. After this was made public, the NHTCU worked with ESET. Dr. Marc-Etienne Léveillé, who had been studying Ebury for more than ten years, ran that work.
ESET Uncovers Sophisticated Hacking Method Used in Cryptocurrency Theft
A tricky hacking method called adversary-in-the-middle (AitM) is said to have been used to steal digital cash. The botnet sends information from people who log in or use a network to computers the hackers control. The hackers can then get into their victims’ wallets and steal the coins. “Cryptocurrency theft was not something that we’d ever seen them do before,” he noted.
A study from ESET says that in 2023, more than 100,000 computers were still vulnerable. The botnet goes after Bitcoin and Ethereum nodes to steal passwords and wallets. When someone types their password into an infected server, the botnet captures it and uses it to get into other related systems.
According to the story, businesses, schools, ISPs, and people who trade cryptocurrency were among the groups that were hacked. It’s hard for the police to catch the hackers because they rent computers and attack under fake names. Someone said, “It’s tough to tell who did it.”
In 2015, Max Senakh, who was known to deal with Ebury, was caught at the border between Russia and Finland and sent back to the US. At the end of 2017, the U.S. DOE charged Senakh with hacking into computers and jailed him for four years. The NHTCU is looking into one tip, but the people who planned Ebury remain out of sight.
The thieves are smarter now than they were before. Earlier this month, North Korean hackers used a new kind of malware called “Durian” to attack at least two Bitcoin companies. In January, a security company called Kaspersky said that money wallets on iPhones and iPads were being hacked.
As the fight against cybercrime gets tougher, police and security firms like ESET need to work together more to find and stop internet threats. The Ebury case shows that cyber risks are always changing, which is why you should always keep your systems secure.