new strain of crypto-malware, dubbed ‘PennyWise’, is being spread through YouTube videos. The malware tricks users into downloading software that’s designed to steal data from 30 different crypto wallets and crypto-browser extensions.
Cyber intelligence company Cyble in a June 30 blog post said it had been tracking the malware known as PennyWise — likely named after the monster in Stephen King’s horror novel It — since it was first identified in May.
Cybersecurity notes that malware is being spread on YouTube mining education videos purporting to be free Bitcoin software. The cybercriminals upload these instructions attracting viewers by telling them they can get rich quick with the latest cryptocurrency craze while also encouraging people against disabling their antivirus programs which enables this successful infection in victims' devices. Once installed, the malware takes your browser extension and login data and reads your chat logs in order to steal your crypto funds.
This malware pecifically targets Zcash and Ethereum wallets, alongside popular Electrum, Atomic Wallet, and Coinomi.
The best way to protect yourself from PennyWise is to only download software from trusted sources, and to never click on links in YouTube videos. If you think you may have been infected, you should run a malware scan on your computer and change all of your passwords.