Another major crypto wallet and exchange has been hacked. Currently, Crypto wallet and exchange platform, Atomic Wallet has been hijacked.
Another Major Crypto Wallet and Exchange Has Been Hacked
Criminals are now impersonating Atomic Wallet in a bid to try and distribute the Mars Stealer malware, various researchers have warned.
Atomic Wallet is one of the major cryptocurrency wallets that, aside from being able to store digital tokens of users, also act as an exchange platform, thus allowing users to swap between various types of cryptocurrencies. The Android version alone of the platform has over a million users.
But it’s however not the Android version that’s under threat here, but rather, the Windows version of the platform, as a malware researcher by the name of Dee, just discovered a fake Atomic Wallet website. And although it doesn’t look exactly like the legitimate one, the fake one still uses the company’s official logos, themes, marketing images, and structure. Visitors on the platform also can find email addresses, the FAQ section, and even a contact form.
A Fake Atomic Windows App in Circulation
One important thing to note here is that users will find three different download options which are for iOS, android and windows. The iOS button does nothing s it takes no sort of action. The android button on the other hand redirects users to the original play store app probably a trick to allow people to trust the website. The windows button lastly, triggers the download of the atomic wallet zip file which of course contains the Mars Stealer dropper.
Users who have visited the official site before will not be fooled by this fake platform, but those users on the other hand who are unfamiliar with Atomic Wallet’s official internet presentation very well might fall for it.
It’s not that difficult to find yourself on the fake website, too. Cybercriminals make use of various tactics, from advertising campaigns on social media, to social engineering attacks, to SEO poisoning, and the old-fashioned email spam just to get to users.
What Is the Mars Stealer Malware
Mars Stealer is a popular and classic infostealer malware and once it finds its way to an endpoint, it will start looking for credentials that are saved in the browsers as well as wallets, two factor authentication plugins and cryptocurrency extensions. And as of now, the publication claims that the website is still online.
To stay safe as a user, you should always double check and make sure that you are downloading from the legitimate site, which you can easily do by going directly to the main website rather than just clicking on a link in emails, direct messages and or advertising campaigns.