A new info-stealing malware we first saw being sold in the cybercriminal underground in June is now actively distributed in the wild. The malware is called Anubis and uses code forked from Loki malware to steal system info, credentials, credit card details, cryptocurrency wallets. — Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020
It has been reported that the new malware, called Anubis, seems to use code forked from Loki, and that it steals crypto wallet credentials, credit card details, and other valuable information from Windows users.
According to Microsoft Security Intelligence (MSI), the malware was first discovered in June in the cybercriminal underground. It has the same name as another potent banking Trojan that has been targeting Android smartphones for months.
According to the report, MSI stressed that the malware seems to be controllable, stating that it has only been deployed in “what appears to be limited, initial campaigns that have so far only used a handful of known download URLs and C2 servers.”
Microsoft warns Windows users to be aware of the new malware that steals cryptocurrency https://t.co/9BXJDHYwq3 — Cointelegraph (@Cointelegraph) September 6, 2020
Certain websites trick people into downloading Anubis. The malware then steals information and sends it to command-and-control (C2) servers via an HTTP POST request.
MSI said that it will continue to monitor the threat, while cybersecurity experts suggested that the way to avoid the download is not to click on any e-mail that seems suspicious.
The original Loki malware used social engineering techniques to target its victims, sending e-mail attachments that would install the malware once clicked on.