Malware Found To Have Hijacked Bitcoin Blockchain

Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned.

The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.

The bitcoin blockchain can be used to send data via bitcoin transactions. LIGHTROCKET VIA GETTY IMAGES

The Glupteba malware, first discovered in December 2018, is distributed through advertising designed to spread viruses through script and can steal an infected devices’ browsing history, website cookies, and account names and passwords with this particular variant found to be targeting file-sharing websites.

However, according to researchers, the new version of the malware can also mine the privacy-specialized monero cryptocurrency and threaten the security of Instagram users’ accounts.

The malware uses the Electrum bitcoin wallet to send bitcoin transactions that the attackers use to gain access to systems.

“This technique makes it more convenient for the threat actor to replace command and control servers,” Trend Micro researchers wrote. A command and control server is the centralized computer that issues commands to an infected network of devices.

“If they lose control of a command and control server for any reason, they simply need to add a new bitcoin script and the infected machines obtain a new command and control server by decrypting the script data and reconnecting.”

Security researchers at Trend Micro detailed how the Glupteba malware infects and compromises devices, which now can use the bitcoin blockchain to stay alive. TREND MICRO

It’s not the first time the bitcoin blockchain has been taken advantage of by criminals, with German researchers last year discovering child abuse imagery shared via the decentralized network