According to an ESET blog post, the Trojan uses “social engineering methods,” resulting in fake pop-ups that force the user to enter personal or confidential information that is used to access financial accounts – fiat and cryptocurrency.
Casbaneiro is common in Latin America, especially in Brazil and Mexico.
In the Latin and South American region, the level of acceptance of bitcoins is gradually growing. With increasing volumes, the risk of their storage increases, and hackers make the most of the opportunity to fool new users.
The current Casbaneiro family of viruses attacks user clipboard data and allows attackers to overwrite and rеplace them with their own data. Bitcoin transfers can be captured by replacing your copied public address in the clipboard with the address of the attacker. When you insеrt and send bitcoins, they are sent to the attacker.
Virus According to a blog post published on We Live Security, the Casbaneiro virus works similarly to the Amavaldo virus family.
In September, BEG announced a new case of malware for Linux that, without their knowledge, extracted crypto files on users’ computers. Detected sophisticated malware TrendMicro attacks users using a secret master password and disguises its mining activities using fake network traffic.