Old ransomware is new again

shutterstock_1050436496.jpg

Guard your Bitcoins, because there is an old form of ransomware currently being re-purposed for cryptojacking.  The malware originated from the April 2016 ransomware, Jigsaw. Jigsaw became infamous for using the image of Billy the Puppet from the movie, Saw.

The new malware is called BitcoinStealer.  The program changes the clipboard content in Bitcoin wallets to cause the currency be unintentionally paid to the hacker.  It changes Bitcoin addresses to forged ones. The forged addresses have such similar symbols at the beginning and end of the sequence, that victims often do not notice the change.

The rather basic attack has been very successful so far.  Some research reports that these attacks have stolen at least 8.4 Bitcoin which equals out to about $62,000.

Authorities are skeptical that the new malware has been released by the same author as the original, as the source code of Jigsaw is available online.  With Bitcoin’s recent value increase, we have been seeing more and more malicious cryptomining by criminals. Bitcoin users are warned to double-check the address where they are sending their Bitcoins to make sure that their payments don’t end up in the hands of a criminal.

Story via ZDNet