Crypto Hot Wallet Stealer Malware Infects Your Computer, Takes Your Cryptocurrency

1 min read

A new type of Malware, termed BHUNT by Bitdefender, uses a stealthy profile embedded in cracked software copies to steal passwords, cookies and other sensitive information stored in Chrome, Internet Explorer, Opera, Safari and Firefox browsers. The Malware may be found via KMSpico downloads, a utility that activates Windows and Microsoft Office products illegally:

Bitdefender, a cybersecurity and antivirus company, has detected BHUNT, a new kind of malware that targets cryptocurrency wallets via software installs. The malware works on top of installs of unsecured or cracked software, that already comes packaged with the system to be deployed on desktop environments. Once installed, the software extracts passphrases and seeds from popular wallets.

BHUNT Malware Spotted in the Wild

Bitdefender, a leading cybersecurity firm, has issued a report regarding a new kind of password stealer that focuses on cryptocurrency wallets users have on their PCs. BHUNT, as this new malware is called, enters computers through infected software installs, mostly of cracked software. According to the technical document issued on the software, BHUNT attacks Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, and Litecoin wallets. Once installed, the software can transfer the funds of the users to another wallet, and also steal other private data residing in the infected computer.

Password stealers are not new to the PC sector, as computers can already be infected by various viruses that also have these capabilities. What is special about this software is that its presence is heavily encrypted and it is packaged as digitally signed software, but the issued certificate does not match with the binary of the program.

Infection and Prevention

Bitdefender concluded that BHUNT was released in the wild with no clear target by the way it has spread. On how the software spread, Bitdefender’s report states:

All our telemetry originated from home users who are more likely to have cryptocurrency wallet software installed on their systems. This target group is also more likely to install cracks for operating system software, which we suspect is the main infection source.

The company indicated the level of infections detected on a map, and the countries with the most infections presented were Australia, Egypt, Germany, India, Indonesia, Japan, Malaysia, Norway, Singapore, South Africa, Spain, and the U.S.

Bitdefender also issued recommendations to avoid being infected with BHUNT or with other, similar password-stealing malware. “The most effective way to defend against this threat is to avoid installing software from untrusted sources and to keep security solutions up to date,” the report concluded.

Recently, a torrent that contained the new “Spiderman: No Way Home” movie was reported to also contain cryptocurrency malware.

Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Recommended Reading

Crypto Wallets 101

Via this site

Have A Story? Get Featured On Heliumaxxent Plus 100+ More Exclusive Crypto News Sites