The malware is being spread via a spam email campaign targeting primarily American and Japanese users.
Malware: ComboJack works by replacing addresses copied to the clipboard with an attacker-controlled address, so that funds are sent to the attacker’s wallet.
The malware targets Ethereum, Monero, Bitcoin, and Litecoin, as well as funds transferred via Qiwi, WebMoney, and Yandex Money.
EclecticIQ Fusion Center analysts uncovered additional related indicators and a user potentially behind this malware.
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.