Blog

Kaspersky discovers ‘Tusk,’ active information and crypto stealing campaign

Kaspersky has detected an online fraud campaign aimed at stealing cryptocurrency and sensitive information by exploiting popular topics such as web3, crypto, AI, online gaming, and beyond. Targeting individuals worldwide, the campaign is believed to be orchestrated by Russian-speaking cybercriminals and spreads info-stealing and clipper malware.

Kaspersky’s Global Emergency Response Team (GERT) has uncovered a fraud campaign targeting Windows and macOS users, aiming to steal cryptocurrency and personal data. The attackers lure victims through phishing websites mimicking legitimate services, such as crypto platforms, online games, and AI translators. These sites trick users into giving up sensitive information like crypto-wallet keys or downloading malware, allowing the attackers to drain funds or steal credentials.

The campaign, dubbed “Tusk” by Kaspersky, links to Russian-speaking threat actors due to code containing the word “Mammoth” (rus. “Мамонт”), slang for “victim.” Info-stealers like Danabot and Stealc, as well as clipboard-monitoring clippers, are being spread to harvest sensitive data, particularly targeting crypto-wallet addresses.

“The correlation between different parts of this campaign and their shared infrastructure suggests a well-organized operation, possibly linked to a single actor or group with specific financial motives,” says Ayman Shaaban, Head of Incident Response Unit, Global Emergency Response Team, Kaspersky. “In addition to the three sub-campaigns targeting crypto, AI, and gaming topics, our Threat Intelligence Portal has helped to identify infrastructure for 16 other topics — either older, retired sub-campaigns or new ones not yet launched. This demonstrates the threat actor’s ability to swiftly adapt to trending topics and deploy new malicious operations in response. It underscores the critical need for robust security solutions and enhanced cyber literacy to protect against evolving threats.”

Kaspersky recommends using comprehensive security solutions like Kaspersky Premium, checking for compromised credentials via their Digital Footprint Intelligence, and investing in cybersecurity training, and use a Kaspersky Password Manager to mitigate such threats. The full technical analysis will be available on Securelist, with further insights to be discussed at Kaspersky’s Security Analyst Summit (SAS) in Bali this October.

Tech and Teen

Recent Posts

OPPO and HKPolyU Renew Collaboration and Launch Joint Innovation Research Centre to Expand AI Imaging Frontiers

Guangdong OPPO Mobile Telecommunications Corp., Ltd. (OPPO) and The Hong Kong Polytechnic University (PolyU) held…

2 days ago

Marcel fridge buyers gets free car in Dhaka

Anisur Rahman, a resident of Uttarkhan in Dhaka, got a brand-new car after he had…

2 days ago

Tally Solutions showcased its latest innovation, TallyPrime 5.0 at 23rd Textech Bangladesh International Expo 2024

Tally Solutions, a leading technology company providing business management software, showcased its latest innovation TallyPrime…

3 days ago

Xiaomi Redmi 13C Ranks among Top Selling Smartphones Globally

The Xiaomi Redmi 13C has secured its position among the top 10 best-selling smartphones worldwide…

3 days ago

Voting now open for TikTok Awards 2024 Bangladesh

TikTok is thrilled to announce that voting is now open for the TikTok Awards 2024…

3 days ago

realme’s first-ever Snapdragon 8 Elite phone realme GT 7 pro launched globally

Youth favourite smartphone brand realme is delighted to launch the realme GT 7 Pro, the…

3 days ago