ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands


A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private keys and ultimately to drain their wallets.

The never-before-seen RAT at the center of the campaign, which researchers dub ElectroRAT, is written in the Go programming language and is compiled to target a number of different operating systems, including Windows, Linux and MacOS.

The campaign was discovered in December 2020 – but researchers believe it initially began a year ago, and estimate that at least 6,500 victims have been infected, based on the number of unique visitors to the Pastebin pages used to locate command and control (C2) servers.

Read more…
Source: ThreatPost