A new trojan called Krypto Cibule uses infested computers’ power to mine cryptocurrency, steal crypto wallet files, and redirect incoming digital assets to a hacker address. The malware rides on the Tor network and the Bittorrent protocol to perform attacks, according to an extensive report by cybersecurity company, ESET.
“Krypto Cibule is spread through malicious torrents for ZIP files whose contents masquerade as installers for cracked or pirated software and games,” researchers Matthieu Faou and Alexandre Cote Cyr, detailed in their report published September 2.
The malware is mostly active in the Czech Republic and Slovakia where it has been responsible for hundreds of attacks. Most victims downloaded the malware from files hosted on a torrent site popular in the two countries called uloz.to.
The mining operations of the malware, which ESET researchers trace back to 2018, are written into XMRig, an open-source program that mines monero using the CPU, and kawpowminer, another open-source program that mines ethereum (ETH) using…