The “Infamous Chisel,” a new sophisticated malware, has been targeting crypto wallets and exchanges, as revealed in a joint report by the U.S. Federal Bureau of Investigation (FBI) and the U.K.’s Government Communications Headquarters (GCHQ).
Multi-Agency Alert Over ‘Infamous Chisel’ Malware Threat Targeting Android Crypto Infrastructure
The malware, named “Infamous Chisel,” has been designed specifically to target Android devices. Unlike many of its counterparts, this malware is associated with the notorious Sandworm’s activity, a group known for its complex cyber-espionage campaigns. The report notes that the malware can target specific crypto wallets and digital currency exchanges.
One of the alarming features of the “Infamous Chisel” is its ability to perform periodic scans of both files and network information, prepped for exfiltration. Once inside a system, it can access and export system and application configuration files, a treasure trove of data for malicious actors.
Beyond just exfiltration, the malware is equipped with a network backdoor capability. This is facilitated through Tor, commonly known as The Onion Router, and SSH (Secure Shell). Such access not only gives malefactors control over the device but also a degree of anonymity.
Its arsenal of capabilities doesn’t end there. “Infamous Chisel” also boasts network monitoring, traffic collection, SSH access, network scanning, and even SCP file transfer functionalities. This multi-pronged approach makes it a formidable tool in the hands of its operators. Crypto wallets mentioned in the security alert include Binance, Trust Wallet, and Coinbase.
The joint report was not an isolated warning. Agencies such as the UK National Cyber Security Centre (NCSC), US National Security Agency (NSA), US Cybersecurity and Infrastructure Security Agency (CISA), and even the Australian Signals Directorate (ASD) have expressed concerns over this malware.
What do you think about the joint warning from the government agencies about the Infamous Chisel malware? Share your thoughts and opinions about this subject in the comments section below.