- A new Anubis malware is on the loose and could hack into cryptocurrency wallets on Windows machines
- The new malware was identified in August by Microsoft, with the reach being small for now
- The malware is different from the Anubis that arrived on the scene in 2018
Microsoft last week identified a new malware that could steal the contents of cryptocurrency wallets on Windows machines. Called Anubis, the malware is not related to the Android malware of the same name that appeared in 2018, and for now appears to have a narrow and specific range of targets, although the new Anubis malware could be used for more widespread attacks in the future.
Anubis Malware Spread “Limited” So Far
Microsoft Security Intelligence first warned users of the Anubis malware toward the end of August, saying that it was created to steal “system info, credentials, credit card details, cryptocurrency wallets”:
A new info-stealing malware we first saw being sold in the cybercriminal underground in June is now actively distributed in the wild. The malware is called Anubis and uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets pic.twitter.com/2Q58gpSIs0
— Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020
Anubis was first discovered in June and was analyzed by the threat intelligence team until they had enough information to make it public. Microsoft has not given much further information on Anubis at this point, except to say that it is being deployed “in what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers.”
The danger of course is that the malware proves effective and they expand the rollout to domestic Windows machines, many of which will contain web wallets such as Bitcoin core, Exodus, and Electrum.
Different From 2018 Android Vintage
Anubis was the name of another malware discovered in July 2018 which infected Android devices through fake Google apps. This version of the malware took control of the user’s device and stole login details, credit card information, and other financial data.
With so little information about the new version of the Anubis malware, the best advice to protect yourself against it is to ensure that your antivirus is up to date and, as always, to ensure that you don’t download apps that you don’t 100% trust.