So their target is usually among ordinary users, hackers decide to attack other hackers by distributing malware in hacking kits. While they think they are downloading real malware, the sprinklers are actually installing software that steals clipboard data, which then allows attackers to recover crypto wallet passwords.
It is not uncommon for hackers to attack unsuspecting targets, even large companies that have been trained in cyber defense. It is much more, on the other hand, that they attack their accomplices. There are indeed precedents, such as the REvil collective which sold ransomware infected by a camouflaged backdoor. But the examples can be counted on the fingers of one hand.
However, it would seem that the practice is not isolated. Indeed, two reports explain having detected the presence of fake malware on hacker forums. The first is a “clipboard stealer”, meaning malicious software capable of stealing data from the victim’s clipboard. This type of program is mainly used to recover the passwords of crypto wallets, then to intercept transactions before they arrive safely.
Related: Here Are The 10 Most Dangerous Hackers Of All Time
Hackers get hacked too
Thus, ASEC spotted the distribution of a fake clipboard stealer on forums like Russia Black Hat. While hackers think they are downloading malware called BitRAT or Quasar RAT, which they have paid between 20 and 100 euros, they are actually installing software which, on the first restart, automatically runs in the system folders to steal confidential data.
A second report from Cyble explains that some forums are offering a one-month trial for AvD Crypto Stealer, a malware that, as its name suggests, aims to steal the crypto wallets of its victims. The mechanics are the same: once installed, the software infects the budding hacker’s PC with a clipboard stealer targeting transactions in Ethereum, Binance Smart Chain, Fantom, Polygon, Avalanche, and Arbitrum in particular. An operation that would have brought about 49,000 euros to its authors.